[PATCH] Do not set DOCKER_TMP to be owned by remapped root
author Brian Goff <cpuguy83@gmail.com>
Tue, 6 Oct 2020 19:40:30 +0000 (19:40 +0000)
committer Felix Geyer <fgeyer@debian.org>
Sun, 21 Feb 2021 17:18:35 +0000 (17:18 +0000)
commit 9b1938a59a146ddd8f7a3a0f541a0955229c1b02
tree 92fbfcf5500695b6b141cce902a45bdf68ce9863
parent 7c9e85c6d9e1036aa5469e74072c20c03fe0ffe9

The remapped root does not need access to this dir.
Having this owned by the remapped root opens the host up to an
unprivileged user on the host being able to escalate privileges.

While it would not be normal for the remapped UID to be used outside of
the container context, it could happen.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit bfedd2725971303efb7a2fe5d6990317b381622f)
Signed-off-by: Tibor Vass <tibor@docker.com>
Gbp-Pq: Name cve-2021-21284-2.patch
Files changed: engine/daemon/daemon.go