The vulnerable code in AbstractEbuildProcess is as follows: cgroup_path = os.path.join(cgroup_portage, '%s:%s' % (self.settings["CATEGORY"], self.settings["PF"])) Instead, we should use tempfile.mkdtemp or something similar.
sounds good to me :)
The number of temp dirs that we will create is unlimited, so we need to ensure that they are promptly destroyed. We can unshare the mount namespace and make /sys/fs/cgroup/portage a private mount which will automatically disappear when portage exits.
There's a patch in the following branch: https://github.com/zmedico/portage/tree/bug_554108 I've posted it for review here: https://archives.gentoo.org/gentoo-portage-dev/message/86f2105d445897c3690df7856371093f
This is in the master branch: https://gitweb.gentoo.org/proj/portage.git/commit/?id=551837f0de95cf8e3e741e76094b31cfc0d68bd5
Released in portage-2.2.21