|
|
|
@ -272,13 +272,13 @@ func (sbox *Sandbox) UnmountFile(file, binpath string, log *logging.Logger) erro
|
|
|
|
func (sbox *Sandbox) whitelistArgumentFiles(binpath, pwd string, args []string, log *logging.Logger) {
|
|
|
|
func (sbox *Sandbox) whitelistArgumentFiles(binpath, pwd string, args []string, log *logging.Logger) {
|
|
|
|
var files []string
|
|
|
|
var files []string
|
|
|
|
for _, fpath := range args {
|
|
|
|
for _, fpath := range args {
|
|
|
|
if _, err := os.Stat(fpath); err == nil {
|
|
|
|
|
|
|
|
if filepath.IsAbs(fpath) == false {
|
|
|
|
if filepath.IsAbs(fpath) == false {
|
|
|
|
fpath = path.Join(pwd, fpath)
|
|
|
|
fpath = path.Join(pwd, fpath)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if !strings.HasPrefix(fpath, "/home/") {
|
|
|
|
if !strings.HasPrefix(fpath, "/home/") {
|
|
|
|
continue
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if _, err := os.Stat(fpath); err == nil {
|
|
|
|
log.Notice("Adding file `%s` to sandbox `%s`.", fpath, sbox.profile.Name)
|
|
|
|
log.Notice("Adding file `%s` to sandbox `%s`.", fpath, sbox.profile.Name)
|
|
|
|
files = append(files, fpath)
|
|
|
|
files = append(files, fpath)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
xSmurf
10 years ago