> The check and the operation would need to prevent anything else from operating on it during that time.
I don't think you understand. If we verify that the absolutized path has sane permissions from top to bottom, then nothing else can operate on it; nothing else that is not either the superuser, or our own user ID. I.e. no untrusted security context.
(If you think that the requirement is literally "nothing else", such as a different thread in the same application in exactly the same security context, then that's a whole different set of goalposts in another soccer field.)
The bug reported here is because Docker sanitizes the symlinks within a path to ensure that nothing is trying link to something outside a given path, then it operates on the filesystem.
This filesystem is shared with the containerized process. So after Docker sanitizes the path, a malicious container process can do bad things to the path and Docker will assume that everything is still ok, the process will then gain read/write access to host files.
I think a non-privileged user (or the use of user namespaces) would limit the scope of the attack based on permissions (though you have to make sure there is no suid binaries on the host as well... or use no-new-privileges for the container), however the attack still exists.
> I think a non-privileged user (or the use of user namespaces) would limit the scope of the attack based on permissions
I don't think so -- Docker does all archive operations from the context of Docker (so, as root). Obviously with rootless Docker this is different, but I highly doubt anyone has started using it yet.
EDIT: Obviously also if Docker has an AppArmor profile applied or restrictive SELinux labels then it will also be limited by that.
I don't think you understand. If we verify that the absolutized path has sane permissions from top to bottom, then nothing else can operate on it; nothing else that is not either the superuser, or our own user ID. I.e. no untrusted security context.
(If you think that the requirement is literally "nothing else", such as a different thread in the same application in exactly the same security context, then that's a whole different set of goalposts in another soccer field.)