Files or Directories Accessible to External Parties

Summary

A flaw was discovered in Podman from 1.6.0 and prior to 1.8.1-rc1, where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.