image-spec

conversion: mention the potential risks of blindly copying annotations

Open cyphar opened this issue 2 years ago • 1 comments

While the ability to copy arbitrary container labels into the generated runtime-spec is a very useful feature, it needs to be mentioned that some runtime-spec annotations (such as org.systemd.property.* and run.oci.hooks.*) can allow an image to cause runtimes to either configure an insecure container or act as a way to attack the host machine.

It should be noted this is no different to any other malicious config.json attack -- it is the responsibility of runtime-spec generators to make sure the configuration is secure.

Reported-by: Akihiro Suda [email protected]
Signed-off-by: Aleksa Sarai [email protected]

/cc @AkihiroSuda

cyphar, May 12 '23 16:05
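One way a runtime-spec generator could avoid blindly copying labels, as an added example (not code from image-spec, runtime-spec or any runtime). The function name `FilterLabels`, the sample label keys and their values are constructed for illustration; only the two prefixes come from the description above, and that list is not exhaustive.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// RiskyPrefixes holds the two annotation namespaces named in the PR
// description. Assumption: a real generator would extend this list for the
// runtimes it targets, or use an allowlist instead.
var RiskyPrefixes = []string{"org.systemd.property.", "run.oci.hooks."}

// FilterLabels copies image labels into runtime-spec annotations but skips
// every key that starts with one of the deny prefixes. It returns the
// annotations to write into config.json and the sorted keys it refused,
// so the caller can log or reject the image.
func FilterLabels(labels map[string]string, deny []string) (map[string]string, []string) {
	kept := make(map[string]string, len(labels))
	dropped := []string{}
	for key, value := range labels {
		risky := false
		for _, prefix := range deny {
			// Annotation keys are case-sensitive, so match exactly.
			if strings.HasPrefix(key, prefix) {
				risky = true
				break
			}
		}
		if risky {
			dropped = append(dropped, key)
			continue
		}
		kept[key] = value
	}
	sort.Strings(dropped)
	return kept, dropped
}

func main() {
	// Constructed sample labels; the suffixes after the prefixes are made up.
	labels := map[string]string{
		"org.opencontainers.image.title": "demo",
		"org.systemd.property.Example":   "constructed-value",
		"run.oci.hooks.example":          "constructed-value",
	}
	kept, dropped := FilterLabels(labels, RiskyPrefixes)
	fmt.Println("copied:", kept)
	fmt.Println("refused:", dropped)
}
```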

I don't know the history and I'm sure it's complicated. But in the long term should we move the conversion.md next to https://github.com/opencontainers/runtime-spec/blob/v1.0.0/bundle.md ?

From a location standpoint it does look like the image spec is in between worlds. Moving the conversion to a target format (in this case a runtime bundle) to the runtime spec, might reflect the similar thinking that targets or clients who consume the image spec define their behavior within their scope.

For this specific PR, I would just lean on folks who have more context on runtime.

sajayantony, May 18 '23 17:05