Singularity 3.6.0 is an important security release, as well as including a large number of new features and improvements. Please read the release notes below carefully, especially regarding the security content and compatibility of SIF signatures.
In particular, note that 3.6.0 necessarily uses a new format for SIF signatures, which is incompatible with older versions of Singularity. 3.6.0 has a --legacy-insecure flag to verify the older insecure signatures temporarily if needed in your workflows, but older versions cannot verify containers signed by 3.6.0.
Security related fixes
Singularity 3.6.0 introduces a new signature format for SIF images, and changes to the signing / verification code to address:
- CVE-2020-13845
In Singularity 3.x versions below 3.6.0, issues allow the ECL to be bypassed by a malicious user. - CVE-2020-13846
In Singularity 3.5 the--all / -aoption tosingularity verifyreturns success even when some objects in a SIF container are not signed, or cannot be verified. - CVE-2020-13847
In Singularity 3.x versions below 3.6.0, Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file, allowing an attacker to cause unexpected behavior. A signed container may verify successfully, even when it has been modified in ways that could be exploited to cause malicious behavior.
Please see the published security advisories at https://github.com/hpcng/singularity/security/advisories for full detail of these security issues.
Note that the new signature format is necessarily incompatible with Singularity < 3.6.0 - e.g. Singularity 3.5.3 cannot verify containers
signed by 3.6.0.
We thank Tru Huynh for a report that led to the review of, and changes to, the signature implementation.
New features / functionalities
- Singularity now supports the execution of minimal Docker/OCI containers that do not contain
/bin/sh, e.g.docker://hello-world. - A new cache structure is used that is concurrency safe on a filesystem that supports atomic rename. If you downgrade to Singularity 3.5 or older after using 3.6 you will need to run
singularity cache clean. - A plugin system rework adds new hook points that will allow the development of plugins that modify behavior of the runtime. An image driver concept is introduced for plugins to support new ways of handling image and overlay mounts. Plugins built for <=3.5 are not compatible with 3.6.
- The
--bindflag can now bind directories from a SIF or ext3 image into a container. - The
--fusemountfeature to mount filesystems to a container via FUSE drivers is now a supported feature (previously an experimental hidden flag). This permits users to mount e.g.sshfsandcvmfsfilesystems to the container at runtime. - A new
-c/--configflag allows an alternativesingularity.confto be specified by therootuser, or all users in an unprivileged installation. - A new
--envflag allows container environment variables to be set via the Singularity command line. - A new
--env-fileflag allows container environment variables to be set from a specified file. - A new
--daysflag forcache cleanallows removal of items older than a specified number of days. Replaces the--nameflag which is not generally useful as the cache entries are stored by hash, not a friendly name. - A new '--legacy-insecure' flag to
verifyallows verification of SIF signatures in the old, insecure format. - A new '-l / --logs' flag for
instance listthat shows the paths to instance STDERR / STDOUT log files. - The
--jsonoutput ofinstance listnow include paths to STDERR / STDOUT log files.
Changed defaults / behaviours
- New signature format (see security fixes above).
- Environment variables prefixed with
SINGULARITYENV_always take precedence over variables withoutSINGULARITYENV_prefix. - The
%postbuild section inherits environment variables from the base image. %files from ...will now follow symlinks for sources that are directly specified, or directly resolved from a glob pattern. It will not follow symlinks found through directory traversal. This mirrors Docker multi-stage COPY behaviour.- Restored the CWD mount behaviour of v2, implying that CWD path is not recreated inside container and any symlinks in the CWD path are not resolved anymore to determine the destination path inside container.
- The
%testbuild section is executed the same manner assingularity test image. --fusemountwith thecontainer:default directive will foreground the FUSE process. Usecontainer-daemon:for previous behavior.- Fixed spacing of
singularity instance listto be dynamically changing based off of input lengths instead of fixed number of spaces to account for long instance names.
Deprecated / removed commands
- Removed
--nameflag forcache clean; replaced with--days. - Deprecate
-a / --alloption tosign/verifyas new signature behavior makes this the default.
Bug Fixes
- Don't try to mount
$HOMEwhen it is/(e.g.nobodyuser). - Process
%appinstallsections in order when building from a definition file. - Ensure
SINGULARITY_CONTAINER,SINGULARITY_ENVIRONMENTand the custom shell prompt are set inside a container. - Honor insecure registry settings from
/etc/containers/registries.conf. - Fix
http_proxyenv var handling inyumbootstrap builds. - Disable log colorization when output location is not a terminal.
- Check encryption keys are usable before beginning an encrypted build.
- Allow app names with non-alphanumeric characters.
- Use the
basemetapackage for arch bootstrap builds - arch no longer has abasegroup. - Ensure library client messages are logged with
--debug. - Do not mount
$HOMEwith--fakeroot --contain. - Fall back to underlay automatically when using a sandbox on GPFS.
- Fix Ctrl-Z handling - propagation of signal.
Thanks to our contributors for code, feedback and, testing efforts!
As always, please report any bugs to: https://github.com/sylabs/singularity/issues/new
If you think that you've discovered a security vulnerability please report it to: security@sylabs.io
Have fun!