oci/layout: add GetLocalBlobPath() #2728
Conversation
|
@mtrmac PTAL, no idea if this is the right approach. One thing I noticed the blob files are written with 644 perms, would it make more sense to chmod that to 444 instead? That way we can better avoid someone accidentally writing the file I think. |
There was a problem hiding this comment.
ACK, this makes sense.
Note the part about non-existent digests.
One thing I noticed the blob files are written with 644 perms, would it make more sense to chmod that to 444 instead? That way we can better avoid someone accidentally writing the file I think.
That’s certainly a good idea for files below imgspecv1.ImageBlobsDir; it wouldn’t work to just replace the mode values, because we tend to os.WriteFile without checking for pre-existing files — that would need to be adjusted.
I’m a bit more worried about the non-digest files like ImageIndexFile, I can imagine (but I have never heard of) users who have scripts that write to oci: and then edit those files directly.
Yeah I don't know how thes eparts here work, mostly wondering if we should protect ourselves so that API is not abused to write directly (and yeah if someone wants they can just chmod it back so it is not like it helps security). |
FWIW, the code has, so far, been the simplest implementation possible, there is no “deep sense” to it. E.g. it doesn’t do any locking because we couldn’t find a reliable cross-platform way to do it, so the transport just punts on that problem and lets callers handle that. |
2140344 to
7bd33b0
Compare
This is not really an internal error, the caller gave us the wrong type so say that. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The podman artifact store needs a method to get the actual local path on disk to the blobs. This is needed so we can then bind mount the files into the container, of course the caller must ensure we treat the files as read only. The digest based nature of the store will break if the files are modified. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
7bd33b0 to
87c5b23
Compare
The podman artifact store needs a method to get the actual local path on disk to the blobs. This is needed so we can then bind mount the files into the container, of course the caller must ensure we treat the files as read only. The digest based nature of the store will break if the files are modified.