[Devel] Re: [patch 8/8] allow unprivileged fuse mounts
Andrew Morton
akpm at linux-foundation.org
Sat Apr 21 00:55:16 PDT 2007
On Fri, 20 Apr 2007 12:25:40 +0200 Miklos Szeredi <miklos at szeredi.hu> wrote:
> Use FS_SAFE for "fuse" fs type, but not for "fuseblk".
>
> FUSE was designed from the beginning to be safe for unprivileged
> users. This has also been verified in practice over many years.
How does FUSE do this?
There are obvious cases like crafting a filesystem which has setuid executables
or world-writeable device nodes or whatever. I'm sure there are lots of other
cases.
Where is FUSE's implementation of all this protection described?
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list