Date: Thu, 21 Mar 2019 09:55:15 -0600 From: Alan Somers <asomers@freebsd.org> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: FreeBSD CURRENT <freebsd-current@freebsd.org>, freebsd-fs <freebsd-fs@freebsd.org> Subject: Re: HEAD'S UP: fusefs sysctls going away Message-ID: <CAOtMX2gqmVAZumDsB9_6YaOeZsFF5m3NN4aibL=8CYNWDGo3OA@mail.gmail.com> In-Reply-To: <20190321154817.2lgwjzl4o2urlmdw@mutt-hbsd> References: <CAOtMX2i9qwhNTdCgNxxUOmf=FZAOmD7w=T8vmvyF-9-P0iw-CQ@mail.gmail.com> <20190321154817.2lgwjzl4o2urlmdw@mutt-hbsd>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Mar 21, 2019 at 9:49 AM Shawn Webb <shawn.webb@hardenedbsd.org> wrote: > > Hey Alan, > > Thank you very much for your work in maintaining fusefs. I only use > fusefs in very limited circumstances, so take what I'm about to say > with a grain of salt. > > On Thu, Mar 21, 2019 at 09:43:07AM -0600, Alan Somers wrote: > > fusefs has several sysctl knobs that seem to be workarounds for bugs > > in particular fuse daemons. However, there is no indication as to > > which those daemons are, neither in the code nor in SVN. All of the > > workarounds are at least 6.5 years old, so the original bugs may have > > been fixed already. Since the original bugs aren't documented, I > > consider these workarounds to be unmaintainable, and I'm planning to > > delete them unless anybody objects. Please pipe up if you still use > > them! > > > > vfs.fusefs.mmap_enable: If non-zero, and data_cache_mode is also > > non-zero, enable mmap(2) of FUSE files > > I'm curious if the security impacts of removing the toggle to disable > mmap support for fusefs. Is there a per-fusefs replacement for > mmap_enable? From a security perspective, it would be nice to keep the > ability to disable mapping of files mounted on a fusefs. As a matter of fact, there are three other ways to disable mmap: 1) Set vfs.fusefs.data_cache_mode=0. This completely disables caching file data, which precludes mmap. 2) Use the undocumented -o no_datacache mount option, which does the same thing on a per-mount basis. 3) Use the undocumented -o no_mmap mount option, which disables mmap on a per-mount basis. Are you aware of any general security problems with using mmap? Anything that would apply to fusefs but not other filesystems? -Alan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOtMX2gqmVAZumDsB9_6YaOeZsFF5m3NN4aibL=8CYNWDGo3OA>