[Devel] Re: [patch 8/8] allow unprivileged fuse mounts
Miklos Szeredi
miklos at szeredi.hu
Sat Apr 21 01:16:02 PDT 2007
> > Use FS_SAFE for "fuse" fs type, but not for "fuseblk".
> >
> > FUSE was designed from the beginning to be safe for unprivileged
> > users. This has also been verified in practice over many years.
>
> How does FUSE do this?
>
> There are obvious cases like crafting a filesystem which has setuid executables
> or world-writeable device nodes or whatever. I'm sure there are lots of other
> cases.
>
> Where is FUSE's implementation of all this protection described?
Most of it is in Documentation/filesystems/fuse.txt, some of it is
code comments.
Miklos
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list