third_party_libfuse/lib · OpenHarmony/third_party_libfuse - AtomGit

09cabb76创建于 2025年11月22日历史提交

文件	最后提交记录	最后更新时间
modules	libfuse升级 Signed-off-by: psycho <wangmingxuan6@h-partners.com>	2 年前
buffer.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
compat.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
cuse_lowlevel.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
fuse.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
fuse_i.h	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
fuse_log.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
fuse_loop.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
fuse_loop_mt.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
fuse_lowlevel.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
fuse_misc.h	libfuse升级 Signed-off-by: psycho <wangmingxuan6@h-partners.com>	2 年前
fuse_opt.c	libfuse升级 Signed-off-by: psycho <wangmingxuan6@h-partners.com>	2 年前
fuse_signals.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
fuse_versionscript	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
helper.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
meson.build	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
mount.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
mount_bsd.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
mount_util.c	add is a symlink Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	6 个月前
mount_util.h	Allow passing `/dev/fuse` file descriptor from parent process This adds support for a mode of operation in which a privileged parent process opens `/dev/fuse` and takes care of mounting. The FUSE file system daemon can then run as an unprivileged child that merely processes requests on the FUSE file descriptor, which get passed using the special `/dev/fd/%u` syntax for the mountpoint parameter. The main benefit is that no privileged operations need to be performed by the FUSE file system daemon itself directly or indirectly, so the FUSE process can run with fully unprivileged and mechanisms like securebits and no_new_privs can be used to prevent subprocesses from re-acquiring privilege via setuid, fscaps, etc. This reduces risk in case the FUSE file system gets exploited by malicious file system data. Below is an example that illustrates this. Note that I'm using shell for presentation purposes, the expectation is that the parent process will implement the equivalent of the `mount -i` and `capsh` commands. \# example/hello can mount successfully with privilege $ sudo sh -c "LD_LIBRARY_PATH=build/lib ./example/hello /mnt/tmp" $ sudo cat /mnt/tmp/hello Hello World! $ sudo umount /mnt/tmp \# example/hello fails to mount without privilege $ sudo capsh --drop=all --secbits=0x2f -- -c 'LD_LIBRARY_PATH=build/lib ./example/hello -f /mnt/tmp' fusermount3: mount failed: Operation not permitted \# Passing FUSE file descriptor via /dev/fd/%u allows example/hello to work without privilege $ sudo sh -c ' exec 17<>/dev/fuse mount -i -o nodev,nosuid,noexec,fd=17,rootmode=40000,user_id=0,group_id=0 -t fuse hello /mnt/tmp capsh --drop=all --secbits=0x2f -- -c "LD_LIBRARY_PATH=build/lib example/hello /dev/fd/17" ' $ sudo cat /mnt/tmp/hello Hello World! $ sudo umount /mnt/tmp	7 年前
util.c	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前
util.h	升级1.17.3 Signed-off-by: fangzhiyi18 <fangzhiyi1@h-partners.com>	7 个月前