fix(security): block symlink creation in RealFs to prevent sandbox escape #1027

Merged
chaliy merged 1 commit into main from fix/issue-979-realfs-symlink-escape
Apr 2, 2026

@chaliy commented Apr 2, 2026

Summary

  • Block symlink creation in RealFs entirely to prevent sandbox escape
  • External processes sharing the directory tree would follow symlinks to arbitrary host paths

Why

ln -s /etc/passwd link inside a RealFs sandbox created an actual symlink on the host. While bashkit doesn't follow symlinks internally (TM-ESC-002), CI runners or other container processes sharing the directory would follow them.

Tests

  • realfs_symlink_absolute_escape_blocked: ln -s /etc/passwd is rejected
  • realfs_symlink_relative_escape_blocked: ln -s ../../../../etc/passwd is rejected

Closes #979

…cape

Symlink creation in RealFs is now completely blocked. Even though
bashkit doesn't follow symlinks internally (TM-ESC-002), external
processes sharing the directory tree would follow them, enabling
reads/writes to arbitrary host paths outside the sandbox.

Closes #979
@chaliy merged commit 4e2922e into main Apr 2, 2026
27 checks passed
@chaliy deleted the fix/issue-979-realfs-symlink-escape branch April 2, 2026 22:43
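
An added example (not bashkit's code and not part of this pull request): a Rust audit of a directory shared with a sandbox that lists every symlink resolving outside it, which is the condition the description says external processes would follow. The name `find_escaping_symlinks` and the command-line usage are assumptions of this sketch.

```rust
use std::path::{Component, Path, PathBuf};
use std::{env, fs, io};

// Lexical fallback for dangling links: drop `.`, pop on `..`, no filesystem access.
fn normalize(path: &Path) -> PathBuf {
    let mut out = PathBuf::new();
    for comp in path.components() {
        match comp {
            Component::CurDir => {}
            Component::ParentDir => { out.pop(); }
            other => out.push(other.as_os_str()),
        }
    }
    out
}

/// Returns (link, raw target) for every symlink under `root` that resolves outside it.
pub fn find_escaping_symlinks(root: &Path) -> io::Result<Vec<(PathBuf, PathBuf)>> {
    let root = fs::canonicalize(root)?;
    let (mut found, mut stack) = (Vec::new(), vec![root.clone()]);
    while let Some(dir) = stack.pop() {
        for entry in fs::read_dir(&dir)? {
            let path = entry?.path();
            let meta = fs::symlink_metadata(&path)?; // lstat: never follows the link
            if meta.file_type().is_symlink() {
                let target = fs::read_link(&path)?;
                // Resolve as an external process would; relative targets start at the link's directory.
                let resolved = fs::canonicalize(&path)
                    .unwrap_or_else(|_| normalize(&dir.join(&target)));
                if !resolved.starts_with(&root) {
                    found.push((path, target));
                }
            } else if meta.is_dir() {
                stack.push(path); // descend into real directories only
            }
        }
    }
    found.sort();
    Ok(found)
}

fn main() -> io::Result<()> {
    // Assumed usage: pass the shared sandbox directory as the first argument.
    let root = env::args().nth(1).unwrap_or_else(|| ".".into());
    for (link, target) in find_escaping_symlinks(Path::new(&root))? {
        println!("{} -> {}", link.display(), target.display());
    }
    Ok(())
}
```

Dangling links are checked lexically because they cannot be canonicalized, so a link whose target does not exist yet is still reported if its path points outside the root.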

Development

Successfully merging this pull request may close these issues.

RealFs symlink creation allows escape from sandbox via external process