Skip to content

Fix host UID/GID leakage in copyFileToContainer TAR entries#11929

Open
Gautam-aman wants to merge 1 commit into
testcontainers:mainfrom
Gautam-aman:fix-rootless-copyfile
Open

Fix host UID/GID leakage in copyFileToContainer TAR entries#11929
Gautam-aman wants to merge 1 commit into
testcontainers:mainfrom
Gautam-aman:fix-rootless-copyfile

Conversation

@Gautam-aman

Copy link
Copy Markdown

Fixes #11487

When copyFileToContainer copies a MountableFile,
TAR entries may carry host UID/GID values into
the container.

On rootless Docker setups these IDs may be
unmapped, causing permission and ownership issues.

This change normalizes TAR entry ownership to
uid=0 and gid=0 and adds a regression test.

@Gautam-aman
Gautam-aman requested a review from a team as a code owner July 16, 2026 09:43
@Gautam-aman

Copy link
Copy Markdown
Author

This revives the approach from #11488, which was
previously approved but later closed after the
source repository was deleted.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Bug]: copyFileToContainer retention of uid/gid breaks rootless Docker

1 participant