From de1f09e8b375ae79a16349dee74d2dd664a606bd Mon Sep 17 00:00:00 2001
From: Jimmy Zelinskie
Date: Mon, 19 Dec 2016 15:47:26 -0500
Subject: [PATCH] worker: clarify maxFileSize purpose
Fixes #237.
---
 worker/worker.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/worker/worker.go b/worker/worker.go
index 5417c7eb..d8db314c 100644
--- a/worker/worker.go
+++ b/worker/worker.go
@@ -30,7 +30,9 @@ const (
 // Increased each time the engine changes.
 Version = 3
- // maxFileSize is the maximum size of a single file we should extract.
+ // maxFileSize enforces a maximum size of a single file within a tarball that
+ // will be extracted. This protects against malicious layers that may contain
+ // extremely large package database files.
 maxFileSize = 200 * 1024 * 1024 // 200 MiB
 )
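Review bot: The new comment on `maxFileSize` says the constant "enforces" the limit, but the hunk only declares it; the check lives in extraction code outside this hunk, and the comment does not say what happens to a file that exceeds the cap. I would word it as `// maxFileSize is the largest single file, in bytes, that will be extracted from a layer tarball; larger files are <rejected|skipped, per the extractor>.` and fill in the last clause from the code that applies it. The comment also reads as a general defence against malicious layers, while the bound is per file; it presumably does not limit total extracted bytes or the number of entries, so it is worth saying so here or pointing to where that is bounded. The `const (` block starts before the hunk.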