Files
kata-containers/tests/functional
Markus Rudy 3dba12cd81 agent: constrain copy_file to shared directory
In confidential mode, the host is not trusted and might try to create
malicious files in the guest VM. This commit changes the implementation
of the CopyFile method to use pathrs, which is designed to prevent
accidental writes to locations outside the shared directory
(/run/kata-containers/shared/containers). It also adds a detailed
description of what the method does, and test cases for intended and
malicious use cases.

This was originally considered as a mitigation candidate for
https://github.com/kata-containers/kata-containers/security/advisories/GHSA-q49m-57vm-c8cc,
but we decided to go with the simpler change to address the immediate
risk. It's still desirable to lock down CopyFile writes for defense in
depth, thus the resubmission outside the GHSA.

Signed-off-by: Markus Rudy <mr@edgeless.systems>
2026-07-15 20:44:26 +02:00
..