On Sun, Mar 3, 2013 at 2:14 AM, Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote: > > Modify the request_module to prefix the file system type with "fs-" > and add aliases to all of the filesystems that can be built as modules > to match. > > A common practice is to build all of the kernel code and leave code > that is not commonly needed as modules, with the result that many > users are exposed to any bug anywhere in the kernel. > > Looking for filesystems with a fs- prefix limits the pool of possible > modules that can be loaded by mount to just filesystems trivially > making things safer with no real cost. > > Using aliases means user space can control the policy of which > filesystem modules are auto-loaded by editing /etc/modprobe.d/*.conf > with blacklist and alias directives. Allowing simple, safe, > well understood work-arounds to known problematic software. > > This also addresses a rare but unfortunate problem where the filesystem > name is not the same as it's module name and module auto-loading > would not work. While writing this patch I saw a handful of such > cases. The most significant being autofs that lives in the module > autofs4. > > Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
