kolyshkin
diff --git a/‎go.mod
Lines changed: 1 addition & 1 deletion b/‎go.mod
Lines changed: 1 addition & 1 deletion
diff --git a/‎go.sum
Lines changed: 2 additions & 2 deletions b/‎go.sum
Lines changed: 2 additions & 2 deletions
diff --git a/‎libcontainer/utils/utils_unix.go
Lines changed: 3 additions & 6 deletions b/‎libcontainer/utils/utils_unix.go
Lines changed: 3 additions & 6 deletions
diff --git a/‎vendor/github.com/cyphar/filepath-securejoin/CHANGELOG.md
Lines changed: 48 additions & 1 deletion b/‎vendor/github.com/cyphar/filepath-securejoin/CHANGELOG.md
Lines changed: 48 additions & 1 deletion
diff --git a/‎vendor/github.com/cyphar/filepath-securejoin/VERSION
Lines changed: 1 addition & 1 deletion b/‎vendor/github.com/cyphar/filepath-securejoin/VERSION
Lines changed: 1 addition & 1 deletion
diff --git a/‎vendor/github.com/cyphar/filepath-securejoin/join.go
Lines changed: 45 additions & 4 deletions b/‎vendor/github.com/cyphar/filepath-securejoin/join.go
Lines changed: 45 additions & 4 deletions
diff --git a/‎vendor/github.com/cyphar/filepath-securejoin/mkdir_linux.go
Lines changed: 35 additions & 14 deletions b/‎vendor/github.com/cyphar/filepath-securejoin/mkdir_linux.go
Lines changed: 35 additions & 14 deletions
diff --git a/‎vendor/modules.txt
Lines changed: 1 addition & 1 deletion b/‎vendor/modules.txt
Lines changed: 1 addition & 1 deletion
@@ -12,7 +12,7 @@ require (
 	github.com/cilium/ebpf v0.17.1
 	github.com/containerd/console v1.0.4
 	github.com/coreos/go-systemd/v22 v22.5.0
-	github.com/cyphar/filepath-securejoin v0.3.6
+	github.com/cyphar/filepath-securejoin v0.4.1
 	github.com/docker/go-units v0.5.0
 	github.com/godbus/dbus/v5 v5.1.0
 	github.com/moby/sys/capability v0.4.0
 
@@ -10,8 +10,8 @@ github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
 github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
-github.com/cyphar/filepath-securejoin v0.3.6 h1:4d9N5ykBnSp5Xn2JkhocYDkOpURL/18CYMpo6xB9uWM=
-github.com/cyphar/filepath-securejoin v0.3.6/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
+github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s=
+github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 
@@ -287,9 +287,6 @@ func IsLexicallyInRoot(root, path string) bool {
 // try to detect any symlink components in the path while we are doing the
 // MkdirAll.
 //
-// NOTE: Unlike os.MkdirAll, mode is not Go's os.FileMode, it is the unix mode
-// (the suid/sgid/sticky bits are not the same as for os.FileMode).
-//
 // NOTE: If unsafePath is a subpath of root, we assume that you have already
 // called SecureJoin and so we use the provided path verbatim without resolving
 // any symlinks (this is done in a way that avoids symlink-exchange races).
@@ -300,7 +297,7 @@ func IsLexicallyInRoot(root, path string) bool {
 // handling if unsafePath has already been scoped within the rootfs (this is
 // needed for a lot of runc callers and fixing this would require reworking a
 // lot of path logic).
-func MkdirAllInRootOpen(root, unsafePath string, mode uint32) (_ *os.File, Err error) {
+func MkdirAllInRootOpen(root, unsafePath string, mode os.FileMode) (_ *os.File, Err error) {
 	// If the path is already "within" the root, get the path relative to the
 	// root and use that as the unsafe path. This is necessary because a lot of
 	// MkdirAllInRootOpen callers have already done SecureJoin, and refactoring
@@ -334,12 +331,12 @@ func MkdirAllInRootOpen(root, unsafePath string, mode uint32) (_ *os.File, Err e
 	}
 	defer rootDir.Close()
 
-	return securejoin.MkdirAllHandle(rootDir, unsafePath, int(mode))
+	return securejoin.MkdirAllHandle(rootDir, unsafePath, mode)
 }
 
 // MkdirAllInRoot is a wrapper around MkdirAllInRootOpen which closes the
 // returned handle, for callers that don't need to use it.
-func MkdirAllInRoot(root, unsafePath string, mode uint32) error {
+func MkdirAllInRoot(root, unsafePath string, mode os.FileMode) error {
 	f, err := MkdirAllInRootOpen(root, unsafePath, mode)
 	if err == nil {
 		_ = f.Close()
 
@@ -27,7 +27,7 @@ github.com/coreos/go-systemd/v22/dbus
 # github.com/cpuguy83/go-md2man/v2 v2.0.5
 ## explicit; go 1.11
 github.com/cpuguy83/go-md2man/v2/md2man
-# github.com/cyphar/filepath-securejoin v0.3.6
+# github.com/cyphar/filepath-securejoin v0.4.1
 ## explicit; go 1.18
 github.com/cyphar/filepath-securejoin
 # github.com/docker/go-units v0.5.0