[$] The difficulty of safe path traversal
Aleksa Sarai, as the maintainer of the
https://github.com/opencontainers/runc?tab=readme-ov-file#runc
, faces a
constant battle against security problems. Recently, runc has seen
another
instance of a security vulnerability that can be traced back to the difficulty
of handling file paths on Linux. Sarai spoke at the 2025
;
about
some of the problems runc has had with path-traversal vulnerabilities, and to
ask people to please use
libpathrs, the library that he has been developing for
safe path traversal.