Skip to content

If I create a compressed tar ball with etc/password in it. #41978

Closed
#42016
#41984
Closed
If I create a compressed tar ball with etc/password in it.#41978
#42016
#41984
Labels
area/builderBuildarea/imagesImage Servicekind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.version/20.10
@rhatdan

Description

@rhatdan
rhatdan
opened on Feb 3, 2021
$ cat /tmp/Dockerfile
FROM scratch
ADD test.tar.gz /

$ gtar --pax-option=globexthdr.comment="test /etc/passwd" -czf test.tar.gz /etc/passwd
gtar: Removing leading `/' from member names

Now if I do a docker build of this, I end up with an image which has strange permissions on the directories it creates.

ls -l /
total 0
drwxrwxrwx. 2 root root 20 Feb  3 12:58 etc
drwxrwxrwx. 2 root root  6 Feb  3 12:58 tmp

It creates a tmp directory, no idea why? I would have figured that only /etc/passwd would be in the image.

Secondly it creates the /etc directory as 777 permissions?

In docker 19.3 version it created these directories as 755 permissions. Was this an intentional change?

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/builderBuildarea/imagesImage Servicekind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.version/20.10

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions