Comment 14 for bug 1015531

Nice find Matthias

Russell: the way we're using commonprefix here, we may as well just use startswith() i.e.

  os.path.commonprefix([fs, absolute_path]) == fs

is equivalent to:

  absolute_path.startswith(fs)

FWIW, the xenapi driver handles injected_files via the guest agent and isn't vulnerable.

Pádraig is right:

    def _inject_key_into_fs(key, fs, execute=None):
        sshdir = os.path.join(fs, 'root', '.ssh')
        ...
        keyfile = os.path.join(sshdir, 'authorized_keys')

need to apply realpath() here too. Easiest is to add an 'append' arg to _inject_file_into_fs() and re-use that.

    def _inject_metadata_into_fs(metadata, fs, execute=None):
        metadata_path = os.path.join(fs, "meta.js")

meta.js could be a symlink ... again, we should just use _inject_file_into_fs() here