projects / qemu-gpiodev / libfuse.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7c49d3c) | patch
fusermount: refuse unknown options
authorJann Horn <jannh@google.com>
Sat, 14 Jul 2018 10:47:50 +0000 (03:47 -0700)
committerNikolaus Rath <Nikolaus@rath.org>
Sat, 21 Jul 2018 11:17:49 +0000 (12:17 +0100)
commitd50017e850d6123d3dc93c1b3eafef6f7bba09f2
tree9374376d437c84bafad0a2de3ef970c78f38f8e6tree | snapshot
parent7c49d3cb74b215fcd527dbd9e1884fcc5b0cd469commit | diff
fusermount: refuse unknown options

Blacklists are notoriously fragile; especially if the kernel wishes to add
some security-critical mount option at a later date, all existing systems
with older versions of fusermount installed will suddenly have a security
problem.
Additionally, if the kernel's option parsing became a tiny bit laxer, the
blacklist could probably be bypassed.

Whitelist known-harmless flags instead, even if it's slightly more
inconvenient.
util/fusermount.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.