Drone-runner-docker path restriction is too restrictive


we use a custom drone pipeline workspace in one of our repos that looks like this:

  base: /var/www
  path: server/apps/systemtags

Due to the check in drone-runner-docker/util.go at 23353941617c5fdea4bce7041ae75710ef0a901d · drone-runners/drone-runner-docker · GitHub every workspace path that contains /sys seems to be blocked. While using the OS root path /sys may be blocked for a valid reason, e.g. /var/www/server/apps/systemtags looks like a valid absolute workspace path. Or is there a reason why this needs to be blocked?

Hello xoxys, As you have reached out to harness support for the same issue and we are investigating and will provide an update there, Let me know if you have any questions or concerns.