From 1ade50a36f23fc35abb465aa5b7cfc73b2476328 Mon Sep 17 00:00:00 2001 From: Martin Wilck Date: Fri, 1 Feb 2019 12:09:11 +0100 Subject: [PATCH] Add documentation on blacklisted modules to mount(8) man page Signed-off-by: Martin Wilck --- sys-utils/mount.8 | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/sys-utils/mount.8 b/sys-utils/mount.8 index da0ac5b..c231e12 100644 --- a/sys-utils/mount.8 +++ b/sys-utils/mount.8 @@ -338,6 +338,32 @@ The option is similar, with the restriction that the user must be member of the group of the special file. +.SS Blacklisted file systems +In the Linux kernel, file system types are implemented as kernel +modules. While many of these file systems are well maintained, +some of the older and less frequently used ones are not. This +poses a security risk, because maliciously crafted file system +images might open security holes when mounted either automatically +or by an inadvertent user. The +.B mount +command prints "unsupported file system type 'somefs'" in this case, +because it can't distinguish between a really unsupported file system +(kernel module non-existent) and a blacklisted file system. + +Users who need the blacklisted file systems and therefore want +to override the blacklisting can either load the blacklisted module +directly: +.RS + +.br +.BI "modprobe -v" " somefs" +.br + +.RE +or override the blacklist configuration by editing files under the +.I /etc/modprobe.d +directory. + .SS Bind mount operation Remount part of the file hierarchy somewhere else. The call is: -- 2.19.2