Affected by GO-2022-0390
and 3 other vulnerabilities
GO-2022-0390: Moby (Docker Engine) started with non-empty inheritable Linux process capabilities in github.com/docker/docker
GO-2022-0985: Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker
GO-2022-1107: Container build can leak any path on the host into the container in github.com/docker/docker
GO-2024-2914: Moby (Docker Engine) is vulnerable to Ambiguous OCI manifest parsing in github.com/docker/docker
Package symlink implements EvalSymlinksInScope which is an extension of filepath.EvalSymlinks,
as well as a Windows long-path aware version of filepath.EvalSymlinks
from the Go standard library.
The code from filepath.EvalSymlinks has been adapted in fs.go.
Please read the LICENSE.BSD file that governs fs.go and LICENSE.APACHE for fs_test.go.
EvalSymlinks returns the path name after the evaluation of any symbolic
links.
If path is relative the result will be relative to the current directory,
unless one of the components is an absolute symbolic link.
This version has been updated to support long paths prepended with `\\?\`.