Aleksa Sarai, as the maintainer of the
runc container runtime, faces a
constant battle against security problems. Recently, runc has seen
another
instance of a security vulnerability that can be traced back to the difficulty of handling file paths on Linux. Sarai spoke at the 2025
Linux Plumbers Conference
(slides;
video)
about
some of the problems runc has had with path-traversal vulnerabilities, and to ask people to please use
libpathrs, the library that he has been developing for
safe path traversal.
https://lwn.net/Articles/1050887/
--- SBBSecho 3.34-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)