Hey Alan, Thank you very much for your work in maintaining fusefs. I only use fusefs in very limited circumstances, so take what I'm about to say with a grain of salt. On Thu, Mar 21, 2019 at 09:43:07AM -0600, Alan Somers wrote: > fusefs has several sysctl knobs that seem to be workarounds for bugs > in particular fuse daemons. However, there is no indication as to > which those daemons are, neither in the code nor in SVN. All of the > workarounds are at least 6.5 years old, so the original bugs may have > been fixed already. Since the original bugs aren't documented, I > consider these workarounds to be unmaintainable, and I'm planning to > delete them unless anybody objects. Please pipe up if you still use > them! > > vfs.fusefs.mmap_enable: If non-zero, and data_cache_mode is also > non-zero, enable mmap(2) of FUSE files I'm curious if the security impacts of removing the toggle to disable mmap support for fusefs. Is there a per-fusefs replacement for mmap_enable? From a security perspective, it would be nice to keep the ability to disable mapping of files mounted on a fusefs. Thanks, -- Shawn Webb Cofounder and Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 Tor+XMPP+OTR: lattera_at_is.a.hacker.sx GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:20 UTC