Symbolic links might point to files outside of the chroot and
thus might delete files outside the chroot. This allows deletion
of arbitrary directories on the host from a malicious APKBUILD.

Following hard links shouldn't be a problem since hard links (usually)
cannot refer to directories and since remove(3) removes the link, not
the file it points to, it shouldn't cause a problem.

I noticed this because alpine-baselayout creates /var/run as a symlink
to /run, therefore causing /run to be deleted on the host when using
abuild-rmtemp, which in turn causes a bunch of software to no longer
function properly (including OpenRC).
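
The symlink-following behaviour this commit message describes, as an added C example that is not abuild's own code. `rm_tree` and `host_file_survives` are hypothetical names and the temporary directory layout is constructed; with `follow` set the walk uses stat() and descends through the link, without it lstat() is used and only the link itself is removed.

```c
#define _XOPEN_SOURCE 700
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Recursive delete. follow=1: stat() makes a symlink to a directory look like
 * a directory, so the walk leaves the tree. follow=0: lstat() sees the link. */
int rm_tree(const char *path, int follow)
{
	struct stat st;
	struct dirent *e;
	char child[512];
	if (follow ? stat(path, &st) : lstat(path, &st)) return -1;
	if (S_ISDIR(st.st_mode)) {
		DIR *d = opendir(path);
		if (!d) return -1;
		while ((e = readdir(d))) {
			if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..")) continue;
			snprintf(child, sizeof child, "%s/%s", path, e->d_name);
			if (rm_tree(child, follow)) { closedir(d); return -1; }
		}
		closedir(d);
	}
	return remove(path); /* unlinks files and symlinks, rmdir()s empty dirs */
}

/* Constructed layout: host-run/openrc stands in for the host's /run, and
 * chroot/run is a symlink to host-run. Returns 1 if openrc survives, 0 if not. */
int host_file_survives(int follow)
{
	char base[] = "/tmp/rmtemp-demo-XXXXXX", host[96], sub[96], root[96], lnk[96];
	struct stat st;
	if (!mkdtemp(base)) return -1;
	snprintf(host, sizeof host, "%s/host-run", base);
	snprintf(sub, sizeof sub, "%s/openrc", host);
	snprintf(root, sizeof root, "%s/chroot", base);
	snprintf(lnk, sizeof lnk, "%s/run", root);
	if (mkdir(host, 0700) || mkdir(sub, 0700) || mkdir(root, 0700) || symlink(host, lnk)) return -1;
	if (rm_tree(root, follow)) return -1; /* delete only the "chroot" */
	int survived = stat(sub, &st) == 0;
	rm_tree(base, 0); /* clean up the demo directory */
	return survived;
}

int main(void) { printf("follow=%d nofollow=%d\n", host_file_survives(1), host_file_survives(0)); return 0; }
```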