symlink

package module

v0.3.0 Latest Latest Go to latest Published: Jul 16, 2024 License: Apache-2.0 Imports: 5 Imported by: 513

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/moby/sys

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

Package symlink implements FollowSymlinkInScope which is an extension of path/filepath.EvalSymlinks, as well as a Windows long-path aware version of path/filepath.EvalSymlinks from the Go standard library.

The code from path/filepath.EvalSymlinks has been adapted in fs.go. Read the LICENSE.BSD file that governs fs.go and LICENSE.APACHE for fs_unix_test.go.

Index ¶

func EvalSymlinks(path string) (string, error)
func FollowSymlinkInScope(path, root string) (string, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func EvalSymlinks ¶

func EvalSymlinks(path string) (string, error)

EvalSymlinks is a modified version of path/filepath.EvalSymlinks from the Go standard library with support for Windows long paths (paths prepended with "\\?\"). On non-Windows platforms, it's an alias for path/filepath.EvalSymlinks.

EvalSymlinks returns the path name after the evaluation of any symbolic links. If path is relative, the result will be relative to the current directory, unless one of the components is an absolute symbolic link.

EvalSymlinks calls path/filepath.Clean on the result.

func FollowSymlinkInScope ¶

func FollowSymlinkInScope(path, root string) (string, error)

FollowSymlinkInScope evaluates symbolic links in "path" within a scope "root" and returns a result guaranteed to be contained within the scope "root" at the time of the call. It returns an error of either "path" or "root" cannot be converted to an absolute path.

Symbolic links in "root" are not evaluated and left as-is. Errors encountered while attempting to evaluate symlinks in path are returned, but non-existing paths are valid and do not constitute an error. "path" must contain "root" as a prefix, or else an error is returned. Trying to break out from "root" does not constitute an error, instead resolves the path within "root".

Example:

// If "/foo/bar" is a symbolic link to "/outside":
FollowSymlinkInScope("/foo/bar", "/foo") // Returns "/foo/outside" instead of "/outside"

IMPORTANT: It is the caller's responsibility to call FollowSymlinkInScope after relevant symbolic links are created to avoid Time-of-check Time-of-use (TOCTOU) race conditions (CWE-367). No additional symbolic links must be created after evaluating, as those could potentially make a previously-safe path unsafe.

For example, if "/foo/bar" does not exist, FollowSymlinkInScope("/foo/bar", "/foo") evaluates the path to "/foo/bar". If one makes "/foo/bar" a symbolic link to "/baz" subsequently, then "/foo/bar" should no longer be considered safely contained in "/foo".

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL