From 305476eefed8073751c0c84329f14ebfd4f5b1cf Mon Sep 17 00:00:00 2001
From: Will Woods
Date: Tue, 25 Oct 2011 16:19:23 -0400
Subject: [PATCH] add comment about symlink root-escape problem
---
 src/pylorax/ltmpl.py | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/pylorax/ltmpl.py b/src/pylorax/ltmpl.py
index 50bbcfd7..118592e4 100644
--- a/src/pylorax/ltmpl.py
+++ b/src/pylorax/ltmpl.py
@@ -96,6 +96,9 @@ def rexists(pathname, root=""):
     return True if rglob(pathname, root) else False
 
 # TODO: default to strict mode (fatalerrors=True)
+# XXX NOTE: symlinks to stuff outside inroot/outroot will make us operate
+# on files outside our roots (e.g. deleting files on the host system).
+# TODO: operate inside an actual chroot for safety? Not that RPM bothers..
 class LoraxTemplateRunner(object):
     def __init__(self, inroot, outroot, yum=None, fatalerrors=False,
                  templatedir=None, defaults={}):
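Review bot: The new comment names a real hazard, that a symlink inside inroot or outroot can redirect a template operation to a file on the host, but it is a loose `#` block above `class LoraxTemplateRunner` and gives callers no guidance until the chroot TODO is done. I would move it into the class docstring so it shows up in `help()`, and add the interim precondition, for example `Only run against trees built from trusted packages; targets are not checked against the root after symlink resolution.` A follow-up worth tracking alongside the TODO is a containment check before any destructive operation: resolve the target with `os.path.realpath()` and refuse it unless the result is still under the root. The class body continues outside the hunk, so which methods are affected cannot be confirmed from here.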