Mailinglist Archive: opensuse-factory (633 mails)

< Previous Next >
Re: [opensuse-factory] [PLEASE SPEAK UP] Disabling legacy file systems by default?
On Wed, 2019-01-30 at 21:59 +0300, Andrei Borzenkov wrote:
30.01.2019 19:41, Martin Wilck пишет:
SUSE will blacklist a number of legacy and/or less frequently used
file systems by default on SLES for security reasons.

The proposed list can be seen here:

https://github.com/openSUSE/suse-module-tools/pull/5/commits/8cb42fb6658f210cb8c955d584a65f7b041c0575


# The following list only specifies local file systems since those
are the
# only ones that will be detected automatically by mount(8).

This patch not only blocks auto-detected filesystem types, it also
makes
mount(8) with *explicit* fstype fail (also in /etc/fstab) unless
module
implementing this fstype is loaded in advance.


bor@bor-Latitude-E5450:~/src/util-linux$ LC_ALL=C mkfs.cramfs sys-
utils/
/tmp/cramfs.loop
mkfs.cramfs: warning: gids truncated to 8 bits. (This may be a
security
concern.)
bor@bor-Latitude-E5450:~/src/util-linux$ LC_ALL=C blkid
/tmp/cramfs.loop
/tmp/cramfs.loop: LABEL="Compressed" TYPE="cramfs"
bor@bor-Latitude-E5450:~/src/util-linux$ LC_ALL=C sudo mount -o loop
/tmp/cramfs.loop /mnt
mount: /mnt: unknown filesystem type 'cramfs'.
bor@bor-Latitude-E5450:~/src/util-linux$


Is it intentional?

I can't speak for Jeff, but I'd say yes. The intention is that users
who want to use one of these _kernel modules_ have to edit the modprobe
configuration by hand.

Martin


--
Dr. Martin Wilck <mwilck@xxxxxxxx>, Tel. +49 (0)911 74053 2107
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg)


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >