Disallow mounting folders on the guest's root for WASIX modules #5475
Conversation
|
📝 Documentation updates detected! A separate PR for documentation updates has been made here: wasmerio/docs.wasmer.io#122 |
| if mount_path.as_path() == Path::new("/") { | ||
| bail!( | ||
| "The \"{package}\" package wants to mount a volume at \"/\", but that's not allowed", | ||
| ); | ||
| } |
There was a problem hiding this comment.
Maybe a helper function for this? It is used in fs v2 and v3. Something like (not tested),
fn check_volume_path(
mount_path: &PathBuf,
package: &str,
) -> Result<(), Error> {
if mount_path.as_path() == Path::new("/") {
bail!(
"The \"{package}\" package wants to mount a volume at \"/\", but that's not allowed",
);
}
Ok(())
}
There was a problem hiding this comment.
if only the code was that clean to begin with... it has been my experience that attempting to make clean implementations in code that's not clean by design usually leads to more complexity down the line, so when I see duplicate code, I also duplicate mine, to at least keep the code consistently unclean.
| guest: if is_wasix { | ||
| MAPPED_CURRENT_DIR_DEFAULT_PATH.to_string() | ||
| } else { | ||
| "/".to_string() |
There was a problem hiding this comment.
I'd love a const about "/", const ROOT_PATH: &str = "/"; or similar. What do you think?
There was a problem hiding this comment.
I'd happily approve of someone else doing that XD / is well-known enough to warrant not giving it a const of its own though.
|
Also, Tested-by: Charalampos Mitrodimas [email protected] |
|
This PR might have some implications, that we don't want. I remember other programs using |
|
@syrusakbary in fact, that's exactly what this PR is trying to prevent. Mounting things on
|
No description provided.