Re: [patch 8/8] allow unprivileged fuse mounts

From: Miklos Szeredi
Date: Sat Apr 21 2007 - 04:18:53 EST

Next message: Andrew Morton: "Re: [PATCH 2/3] lumpy: increase pressure at the end of the inactivelist"
Previous message: Ethan Solomita: "Re: [RFC 0/8] Cpuset aware writeback"
In reply to: Andrew Morton: "Re: [patch 8/8] allow unprivileged fuse mounts"
Next in thread: Eric W. Biederman: "Re: [patch 8/8] allow unprivileged fuse mounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > Use FS_SAFE for "fuse" fs type, but not for "fuseblk".
> >
> > FUSE was designed from the beginning to be safe for unprivileged
> > users. This has also been verified in practice over many years.
>
> How does FUSE do this?
>
> There are obvious cases like crafting a filesystem which has setuid executables
> or world-writeable device nodes or whatever. I'm sure there are lots of other
> cases.
>
> Where is FUSE's implementation of all this protection described?

Most of it is in Documentation/filesystems/fuse.txt, some of it is
code comments.

Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [PATCH 2/3] lumpy: increase pressure at the end of the inactivelist"
Previous message: Ethan Solomita: "Re: [RFC 0/8] Cpuset aware writeback"
In reply to: Andrew Morton: "Re: [patch 8/8] allow unprivileged fuse mounts"
Next in thread: Eric W. Biederman: "Re: [patch 8/8] allow unprivileged fuse mounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]