Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move $HOME env variable outside web server's Document root #454

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Move $HOME env variable outside web server's Document root #454

wants to merge 2 commits into from
+38 −9

Conversation

SlouchyButton
Copy link

@SlouchyButton SlouchyButton commented Jul 8, 2024
edited by github-actions bot
Loading

Overwrite $HOME env variable for all supported versions. Default $HOME is directed inside the web server's Document root, which means that applications that save potentially private data to $HOME (e.g. bash's histfile) will save them into a folder accessible outside the container via the web server. This means there is a possibility of leaking the data.

This does not occur in all cases, namely bash won't create a histfile at all, when user sets a different user via --user= argument in podman run command, as in that case bash doesn't have a permission to write into the $HOME.

Fixes: #255

@pkubatrh
Copy link
Member

[test]

phracek
phracek requested changes Jul 30, 2024
View reviewed changes
test/run Outdated Show resolved Hide resolved
@phracek
Copy link
Member

phracek commented Aug 1, 2024

[test-all]

phracek
phracek reviewed Aug 1, 2024
View reviewed changes
Copy link
Member

@phracek phracek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this pull request. The change itself LGTM. Let's wait for the tests. Good Job.

@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 27, 2024
edited
Loading

Pull Request validation

Failed

🔴 Failed or pending statuses - Testing Farm - RHEL9 - PyTest - OpenShift 4 - 8.1[error],Testing Farm - RHEL9 - PyTest - OpenShift 4 - 8.0[error],Testing Farm - RHEL8 - PyTest - OpenShift 4 - 7.4[error],Testing Farm - RHEL8 - PyTest - OpenShift 4 - 8.0[error],Testing Farm - RHEL8 - PyTest - OpenShift 4 - 8.2[error],Testing Farm - RHEL9 - PyTest - OpenShift 4 - 8.2[error]
🔴 Review - Missing review from a member (2 required)

Success

🟢 Review - Reviewed by undefined

@phracek
Copy link
Member

phracek commented Nov 4, 2024

[test-all]

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 4, 2024
edited
Loading

Testing Farm results

namecomposearchstatusstarted (UTC)timelogs
RHEL9 - PyTest - OpenShift 4 - 8.1RHEL-9.4.0-Nightlyx86_64❌ failed04.11.2024 13:45:4412min 45stest pipeline
RHEL9 - PyTest - OpenShift 4 - 8.0RHEL-9.4.0-Nightlyx86_64❌ failed04.11.2024 13:45:2313min 14stest pipeline
RHEL8 - PyTest - OpenShift 4 - 7.4RHEL-8.10.0-Nightlyx86_64❌ failed04.11.2024 13:45:1116min 10stest pipeline
RHEL8 - PyTest - OpenShift 4 - 8.0RHEL-8.10.0-Nightlyx86_64❌ failed04.11.2024 13:45:1616min 15stest pipeline
RHEL8 - PyTest - OpenShift 4 - 8.2RHEL-8.10.0-Nightlyx86_64❌ failed04.11.2024 13:47:1815min 49stest pipeline
RHEL9 - 8.0RHEL-9.4.0-Nightlyx86_64✅ passed04.11.2024 13:44:4722min 42stest pipeline
RHEL9 - 8.2RHEL-9.4.0-Nightlyx86_64✅ passed04.11.2024 13:45:0123min 60stest pipeline
RHEL9 - 8.1RHEL-9.4.0-Nightlyx86_64✅ passed04.11.2024 13:44:4924min 16stest pipeline
RHEL9 - PyTest - OpenShift 4 - 8.2RHEL-9.4.0-Nightlyx86_64❌ failed04.11.2024 13:55:0415min 48stest pipeline
RHEL8 - 7.4RHEL-8.10.0-Nightlyx86_64✅ passed04.11.2024 13:44:4026min 21stest pipeline
RHEL8 - 8.2RHEL-8.10.0-Nightlyx86_64✅ passed04.11.2024 13:45:0026min 50stest pipeline
RHEL8 - 8.0RHEL-8.10.0-Nightlyx86_64✅ passed04.11.2024 13:44:5027min 16stest pipeline
RHEL9 - OpenShift 4 - 8.1RHEL-9.4.0-Nightlyx86_64✅ passed04.11.2024 13:59:5319min 32stest pipeline
RHEL8 - OpenShift 4 - 7.4RHEL-8.10.0-Nightlyx86_64✅ passed04.11.2024 13:59:3422min 22stest pipeline
RHEL9 - OpenShift 4 - 8.0RHEL-9.4.0-Nightlyx86_64✅ passed04.11.2024 13:59:3922min 13stest pipeline
RHEL8 - OpenShift 4 - 8.0RHEL-8.10.0-Nightlyx86_64✅ passed04.11.2024 13:59:3722min 16stest pipeline
RHEL9 - OpenShift 4 - 8.2RHEL-9.4.0-Nightlyx86_64✅ passed04.11.2024 14:01:1820min 59stest pipeline
RHEL8 - OpenShift 4 - 8.2RHEL-8.10.0-Nightlyx86_64✅ passed04.11.2024 14:00:1622min 14stest pipeline
Fedora - 8.2Fedora-latestx86_64✅ passed04.11.2024 13:45:0042min 24stest pipeline
Fedora - 8.1Fedora-latestx86_64✅ passed04.11.2024 13:44:5044min 8stest pipeline

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@phracek phracek phracek requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
pr/failing-ci pr/missing-review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

HOME directory
3 participants
@SlouchyButton @pkubatrh @phracek