Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Checking for protected dirs must be against mountPoint and not location #3201

Merged
merged 1 commit into from
Feb 7, 2025
Merged

Checking for protected dirs must be against mountPoint and not location #3201

merged 1 commit into from
Feb 7, 2025

Conversation

jandubois
Copy link
Member

The validation code was written at a time when all mounts were mounted at location inside the guest because there was no separate mountPoint setting.

Now that mountPoint exists, the only validation for location is that the path exists on the host and designates a directory. All validation to protect guest directories must be done against mountPoint.

Fixes #3200

@jandubois jandubois mentioned this pull request Feb 6, 2025
Closed
@AkihiroSuda AkihiroSuda added this to the v1.0.5 milestone Feb 6, 2025
@jandubois
Checking for protected dirs must be against mountPoint and not location
9de6d51 
The validation code was written at a time when all mounts were mounted at
`location` inside the guest because there was no separate `mountPoint` setting.

Now that `mountPoint` exists, the only validation for `location` is that
the path exists on the host and designates a directory. All validation to
protect guest directories must be done against `mountPoint`.

Signed-off-by: Jan Dubois <jan.dubois@suse.com>
@jandubois jandubois force-pushed the validate-mountpoint branch from 5d0a44f to 9de6d51 Compare February 6, 2025 06:00
@jandubois
Copy link
Member Author

Sorry, just realized that I broke the location validation into 2 chunks. I've now moved the mountPoint validation after all location validation, to keep related things together.

AkihiroSuda
AkihiroSuda approved these changes Feb 7, 2025
View reviewed changes
Copy link
Member

@AkihiroSuda AkihiroSuda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks

@AkihiroSuda AkihiroSuda merged commit 7e0934b into lima-vm:master Feb 7, 2025
29 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.0.5
Development

Successfully merging this pull request may close these issues.

Mount validation should check the mountPoint and not the location setting
2 participants
@jandubois @AkihiroSuda