
consider making image names less permissive  #7986

@thaJeztah

What is the problem you're trying to solve

Perhaps this was by design (as there's no real technical limitation for storing these), but while reviewing moby/moby#44840 (comment), I learned that containerd's image store effectively has no restrictions on naming images.

For comparison, where container identifiers only accept ^[A-Za-z0-9]+(?:[._-](?:[A-Za-z0-9]+))*$:

ctr image pull docker.io/library/nginx:alpine
ctr run docker.io/library/nginx:alpine 🐳😄🐱
ctr: create container failed validation: container.ID: identifier "🐳😄🐱" must match ^[A-Za-z0-9]+(?:[._-](?:[A-Za-z0-9]+))*$: invalid argument

Images do not have this restriction, neither do they have to match a valid image reference;

ctr image tag docker.io/library/nginx:alpine 🐳😄🐱 -- --help C:\\Windows\\ '$HOME' '/var/lib/containerd' 'rm -rf /'
🐳😄🐱
--
--help
C:\Windows\
$HOME
/var/lib/containerd
rm -rf /

After running the above, the 🐳😄🐱, --, --help, C:\Windows\, $HOME, /var/lib/containerd, and rm -rf / images were created successfully;

ctr image ls
REF                            TYPE                                                      DIGEST                                                                  SIZE     PLATFORMS                                                                                LABELS
$HOME                          application/vnd.docker.distribution.manifest.list.v2+json sha256:659610aadb34b7967dea7686926fdcf08d588a71c5121edb094ce0e4cdbc45e6 15.9 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x -
--                             application/vnd.docker.distribution.manifest.list.v2+json sha256:659610aadb34b7967dea7686926fdcf08d588a71c5121edb094ce0e4cdbc45e6 15.9 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x -
--help                         application/vnd.docker.distribution.manifest.list.v2+json sha256:659610aadb34b7967dea7686926fdcf08d588a71c5121edb094ce0e4cdbc45e6 15.9 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x -
/var/lib/containerd            application/vnd.docker.distribution.manifest.list.v2+json sha256:659610aadb34b7967dea7686926fdcf08d588a71c5121edb094ce0e4cdbc45e6 15.9 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x -
C:\Windows\                    application/vnd.docker.distribution.manifest.list.v2+json sha256:659610aadb34b7967dea7686926fdcf08d588a71c5121edb094ce0e4cdbc45e6 15.9 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x -
docker.io/library/nginx:alpine application/vnd.docker.distribution.manifest.list.v2+json sha256:659610aadb34b7967dea7686926fdcf08d588a71c5121edb094ce0e4cdbc45e6 15.9 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x -
rm -rf /                       application/vnd.docker.distribution.manifest.list.v2+json sha256:659610aadb34b7967dea7686926fdcf08d588a71c5121edb094ce0e4cdbc45e6 15.9 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x -
🐳😄🐱                            application/vnd.docker.distribution.manifest.list.v2+json sha256:659610aadb34b7967dea7686926fdcf08d588a71c5121edb094ce0e4cdbc45e6 15.9 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x -

Describe the solution you'd like

Consider restricting image names to prevent hard-to-use names. This may be limited to valid / well-known image reference formats (but TBD in case there are already uses that use "non-valid" image references).

Additional context

No response
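
A sketch of the kind of check the issue proposes, run over the names from the `ctr image ls` listing above. This is an added example, not containerd's code and not part of the original issue; the simplified reference grammar, the function name `checkImageName` and the reason labels are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Simplified reference grammar (an assumption made for this example):
// [domain[:port]/]path[/path...][:tag][@algorithm:hex]
const domainPart = `[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?`
const pathPart = `[a-z0-9]+(?:(?:[._]|__|-+)[a-z0-9]+)*`

var refRE = regexp.MustCompile(`^(?:` + domainPart + `(?:\.` + domainPart + `)*(?::[0-9]+)?/)?` +
	pathPart + `(?:/` + pathPart + `)*` +
	`(?::[A-Za-z0-9_][A-Za-z0-9_.-]{0,127})?(?:@[a-z0-9]+:[0-9a-f]{32,})?$`)

// checkImageName returns nil if name fits the grammar, else why it is hard to use.
func checkImageName(name string) []string {
	if refRE.MatchString(name) {
		return nil
	}
	checks := []struct {
		why string
		hit bool
	}{
		{"option-like", strings.HasPrefix(name, "-")},
		{"whitespace", strings.ContainsAny(name, " \t\r\n")},
		{"path-like", strings.HasPrefix(name, "/") || strings.Contains(name, `\`)},
		{"shell-meta", strings.ContainsAny(name, "$`;|&<>")},
		{"non-ascii", strings.IndexFunc(name, func(r rune) bool { return r > 127 }) >= 0},
	}
	why := []string{}
	for _, c := range checks {
		if c.hit {
			why = append(why, c.why)
		}
	}
	if len(why) == 0 {
		why = append(why, "not-a-reference") // e.g. upper-case path, empty name
	}
	return why
}

func main() {
	// Names from the `ctr image ls` listing in the issue.
	for _, n := range []string{"docker.io/library/nginx:alpine", "🐳😄🐱", "--", "--help",
		`C:\Windows\`, "$HOME", "/var/lib/containerd", "rm -rf /"} {
		fmt.Printf("%-32q %v\n", n, checkImageName(n))
	}
}
```

Only `docker.io/library/nginx:alpine` passes; every other name from the listing is rejected with the property that makes it awkward for a CLI, a shell script or a path join.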
