Mailinglist Archive: opensuse-factory (633 mails)

< Previous Next >
Re: [opensuse-factory] Re: [PLEASE SPEAK UP] Disabling legacy file systems by default?
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Wed, 30 Jan 2019 20:04:19 +0100
  • Message-id: <q2ssfj$iin$2@saturn.local.net>
Jeff Mahoney wrote:

As the author of this commit, I wanted to chime in.

This list is the list of file systems which will not be subject to
module autoloading. In an effort to be user friendly, the kernel will
respond to mount requests of a specified type by requesting to load
the
module to service it. This is generally ok, but there are a number of
file systems that are uncommon, poorly maintained, and contain
security
issues that aren't worth investing the time in fixing. We can reduce
the attack surface for most users by declining to load the modules for
those file systems automatically.

This list is intended to be sufficient for the vast majority of users.
I expect that there are users of file systems on this list but, IMO,
there needs to be a pretty big impact on the community as a whole for
us to remove one of these from the list.

That list is:
blacklist adfs
blacklist affs
blacklist bfs
blacklist befs
blacklist cramfs
blacklist efs
blacklist erofs
blacklist exofs
blacklist freevxfs
blacklist f2fs
blacklist hfs
blacklist hpfs
blacklist jffs2
blacklist jfs

I would suggest jfs is neither uncommon nor poorly maintained. I
certainly hope it doesn't contain any security issues, all of our
systems use jfs.



--
Per Jessen, Zürich (1.2°C)
http://www.hostsuisse.com/ - dedicated server rental in Switzerland.

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups