Added by milan over 2 years ago
Confine symlink paths under the build_dir
The file distributor doesn't ensure the path of a symlink being created is
contained under the build_dir. As a result, a rogue input, such as an ISO
Manifest that contains relative paths, could make Pulp write content to an
arbitrary system folder upon publish.
This patch prevents the issue by checking that the symlink path:
- is not absolute
- is not outside of the build directory
Thanks gmbnomis, for both identifying this issue as well as for reviewing and suggesting the fix.
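
The two checks named in the commit message, as an added example that is not Pulp's code or the patch itself. The helper names, signature and sample names are assumptions, and it goes one step beyond the message by also resolving an already-symlinked parent directory before comparing against the build directory.

```python
import os
import tempfile


class UnsafeSymlinkPath(ValueError):
    """The requested symlink location would fall outside the build directory."""


def confined_symlink_path(build_dir, relative_path):
    """Return the absolute symlink location under build_dir, or raise.

    Hypothetical helper for illustration; name and signature are assumptions.
    """
    # Check 1: an absolute path would make os.path.join() discard build_dir.
    if os.path.isabs(relative_path):
        raise UnsafeSymlinkPath("absolute path: %r" % relative_path)
    root = os.path.realpath(build_dir)
    # Check 2: collapse "..", then resolve the parent so that a directory
    # symlink already present in the tree cannot redirect the write.
    candidate = os.path.normpath(os.path.join(root, relative_path))
    parent = os.path.realpath(os.path.dirname(candidate))
    if os.path.commonpath([root, parent]) != root:
        raise UnsafeSymlinkPath("escapes build_dir: %r" % relative_path)
    return os.path.join(parent, os.path.basename(candidate))


def classify(build_dir, names):
    """Map each name to True (accepted) or False (rejected)."""
    result = {}
    for name in names:
        try:
            confined_symlink_path(build_dir, name)
            result[name] = True
        except UnsafeSymlinkPath:
            result[name] = False
    return result


# Constructed sample names, as they might appear in a manifest.
SAMPLE_NAMES = ["disk1.iso", "sub/disk2.iso", "../outside.iso",
                "sub/../../outside.iso", "/tmp/abs.iso", "."]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as build_dir:
        for name, ok in classify(build_dir, SAMPLE_NAMES).items():
            print("%-24s %s" % (name, "accepted" if ok else "rejected"))
```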