1
0
forked from pool/util-linux
util-linux/Add-documentation-on-blacklisted-modules-to-mount-8-.patch
Stanislav Brabec 644790947b Accepting request 833344 from home:sbrabec:branches:util-linux-multibuild
- Migrate multi-spec build to multibuild.
- Change packaging from per-partes build to mini+full build.
- Fix default permissions of wall and write.
- Build all python flavors.
- Fix error in scriptlets after migration to /usr/etc.
- Update to version 2.36...
- Refresh Add-documentation-on-blacklisted-modules-to-mount-8-.patch.
- Drop upstreamed libeconf.patch,
  libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch.
- util-linux-login_defs-check.sh: Perform all steps to integrate
  MOTD_FIRSTONLY.
- Update baselibs.conf.

OBS-URL: https://build.opensuse.org/request/show/833344
OBS-URL: https://build.opensuse.org/package/show/Base:System/util-linux?expand=0&rev=433
2020-09-09 23:47:10 +00:00

48 lines
1.6 KiB
Diff

From 1ade50a36f23fc35abb465aa5b7cfc73b2476328 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.com>
Date: Fri, 1 Feb 2019 12:09:11 +0100
Subject: [PATCH] Add documentation on blacklisted modules to mount(8) man page
Signed-off-by: Martin Wilck <mwilck@suse.com>
---
sys-utils/mount.8 | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
Index: util-linux-2.36/sys-utils/mount.8
===================================================================
--- util-linux-2.36.orig/sys-utils/mount.8
+++ util-linux-2.36/sys-utils/mount.8
@@ -400,6 +400,32 @@ The
option is similar, with the restriction that the user must be a
member of the group of the special file.
+.SS Blacklisted file systems
+In the Linux kernel, file system types are implemented as kernel
+modules. While many of these file systems are well maintained,
+some of the older and less frequently used ones are not. This
+poses a security risk, because maliciously crafted file system
+images might open security holes when mounted either automatically
+or by an inadvertent user. The
+.B mount
+command prints "unsupported file system type 'somefs'" in this case,
+because it can't distinguish between a really unsupported file system
+(kernel module non-existent) and a blacklisted file system.
+
+Users who need the blacklisted file systems and therefore want
+to override the blacklisting can either load the blacklisted module
+directly:
+.RS
+
+.br
+.BI "modprobe -v" " somefs"
+.br
+
+.RE
+or override the blacklist configuration by editing files under the
+.I /etc/modprobe.d
+directory.
+
.SS Bind mount operation
Remount part of the file hierarchy somewhere else. The call is: