Fix GOOS detection and document TOCTOU limitations in pathsafe#9

Merged: sanderhahn merged 4 commits into self-extracting-example from copilot/sub-pr-8 on Feb 13, 2026

Copilot AI commented Feb 13, 2026

Addresses security review feedback from PR #8 regarding platform detection in tests and missing documentation of race condition vulnerabilities in the pathsafe implementation.

Changes

  • Test platform detection: Use runtime.GOOS instead of os.Getenv("GOOS") for reliable platform checks in symlink tests
  • TOCTOU documentation: Added comprehensive security notes explaining time-of-check to time-of-use race conditions in pathsafe.SafeJoin and ensureNoSymlinkPrefix
  • README security section: Documents the internal pathsafe implementation (replacing filepath-securejoin dependency), security model, and appropriate use cases

Security Model

The pathsafe package prevents common zip-slip attacks through path validation but cannot eliminate TOCTOU races—an attacker with filesystem access could inject symlinks between validation and file creation. Suitable for trusted extraction environments; hostile scenarios may require additional hardening (e.g., O_NOFOLLOW, destination pre-creation with restrictive permissions).



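The check-then-create gap described in the comment above, with the `O_NOFOLLOW` hardening it mentions, as an added Go example that is not the pathsafe code from this PR. `checkedJoin` and `createNoFollow` are hypothetical names, the entry name in `main` is constructed, and `syscall.O_NOFOLLOW` assumes a Unix-like target.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
	"syscall"
)

var ErrEscape = errors.New("entry escapes destination")
var ErrSymlink = errors.New("symlink in destination path")

// checkedJoin (hypothetical) rejects names that leave root, then Lstat-walks
// the existing prefixes. Both results are only true at check time (TOCTOU).
func checkedJoin(root, name string) (string, error) {
	target := filepath.Join(root, name)
	rel, err := filepath.Rel(root, target)
	if filepath.IsAbs(name) || err != nil || rel == ".." ||
		strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrEscape
	}
	cur := root
	for _, part := range strings.Split(rel, string(filepath.Separator)) {
		cur = filepath.Join(cur, part)
		fi, err := os.Lstat(cur)
		if os.IsNotExist(err) {
			break // nothing below this point exists yet
		}
		if err != nil {
			return "", err
		}
		if fi.Mode()&os.ModeSymlink != 0 {
			return "", ErrSymlink
		}
	}
	return target, nil
}

// createNoFollow refuses an existing or symlinked final component, so a link
// placed there after checkedJoin is not written through. Parent dirs still race.
func createNoFollow(path string) (*os.File, error) {
	return os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL|syscall.O_NOFOLLOW, 0o600)
}

func main() {
	_, err := checkedJoin("/tmp/extract", "../../etc/passwd") // constructed entry name
	fmt.Println(err)
}
```

The open flags only protect the last path component; closing the race on intermediate directories needs directory-relative opens or a destination that other users cannot write to.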
Copilot AI and others added 3 commits February 13, 2026 11:02
Co-authored-by: sanderhahn <775103+sanderhahn@users.noreply.github.com>
Co-authored-by: sanderhahn <775103+sanderhahn@users.noreply.github.com>
Co-authored-by: sanderhahn <775103+sanderhahn@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Add examples for self-extracting binaries and update README" to "Fix GOOS detection and document TOCTOU limitations in pathsafe" Feb 13, 2026
Copilot AI requested a review from sanderhahn February 13, 2026 11:04
sanderhahn marked this pull request as ready for review February 13, 2026 11:12
sanderhahn merged commit ea41454 into self-extracting-example Feb 13, 2026
sanderhahn deleted the copilot/sub-pr-8 branch February 15, 2026 09:59