1. 18 Feb, 2017 2 commits
  2. 17 Feb, 2017 25 commits
  3. 16 Feb, 2017 12 commits
  4. 15 Feb, 2017 1 commit
    • Gregory Haskins's avatar
      [FAB-2122] Scan codepackage for illegal content · ca02c607
      Gregory Haskins authored
      
      
      We allow each chaincode platform to define its own deployment
      validation logic, and then implement a FAB-2122 oriented
      filter for GOLANG.  What this means in practice is we perform
      some basic checks against the tarball that was passed in via
      the DeploymentSpec.  For instance, there is no reason for
      a client to submit binaries (+x set), files in /bin/*, or
      source packages outside of the declared package.
      
      As noted, this doesn't provide 100% protection but it does
      at least reject some basic things that are clearly garbage.
      
      Change-Id: I6c725d4cb0522a8be5717ab80d4f6205e83bf858
      Signed-off-by: default avatarGreg Haskins <gregory.haskins@gmail.com>
      ca02c607