Closed TomSweeneyRedHat closed 5 years ago
Follow up for #341
@nalind @vrothberg PTAL at this and #341. @edsantiago found a one second delay in docker ps
over the latest in RHEL, but I used the prior commit to test and it was there too. Plus I don't think any of these changes are called by the ps command.
All other tests passed per Ed and this fixes the symlink cve issue.
Code changes LGTM to me
@rhatdan ptal
@nalind sent a couple of comments in IRC that I'm looking into ATM. Please hold on the merge until I finish looking.
the use of filepath.Base(absPath) as a chroot in daemon/archive.go:155 looks a little odd, but i'm not super-familiar with the code
a 'make help' at the top-level directory should list various targets that can be used to invoke some in-tree self-tests
I've reviewed @nalind 's comments, I think this is good to go as is. Removing the WIP.
- What I did Touched up a segv for the definition of tar and added a root dir to two other tar commands that were necessary upon further review/testing.
- How I did it vi and a lot of blood, sweat and tears.
- How to verify it Full Docker conformance testing. Honestly I need to figure out how to test it fully myself.
- Description for the changelog Fix for CVE-2018-15664
- A picture of a cute animal (not mandatory but encouraged)