Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Skip Checksum option? #12

Open
jayunit100 opened this issue Nov 20, 2020 · 1 comment
Open

Skip Checksum option? #12

jayunit100 opened this issue Nov 20, 2020 · 1 comment

Comments

@jayunit100
Copy link

jayunit100 commented Nov 20, 2020

Hi folks.

Would like an option to skip checksumming. My use case is ....

... in cases where i want to patch a binary on the host - i may want to start a process by simply calling wins from a container, without first copying my local contents over.

Workaround, in cases where you need to patch a container that is started from a ps1 script, you can add a wget or similar command into the containers startup, so that its path value is identical to what is on the host. of course this comes at the cost of having to mount/copy/upload your patched file somewhere.

@aiyengar2
Copy link
Contributor

I'm not sure if I completely understand the purpose behind your feature request, so could you provide some more details about your use case?

From my understanding, the purpose behind checksumming the Start Process call is to avoid something like the following scenario:

  • Container 1 has permissions to mount the rancher_wins named pipe + a host path c:\etc\mystuff
  • Container 2 only has permissions to mount a host path c:\etc\mystuff
  • Container 1 asks the wins server to start a process in c:\etc\mystuff\myprogram.exe at the same time that Container 2 does Copy-Item c:\etc\mystuff\badstuff.exe c:\etc\mystuff\myprogram.exe and wins server obliges
  • Bad stuff happens since privileges have been escalated

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants