overlayFS security concern
Michael Richardson
mcr at sandelman.ca
Sun Feb 21 09:29:39 AEDT 2021
Patrick Williams <patrick at stwcx.xyz> wrote:
> A protection we could do which would make attacks slightly harder than
> they are today would be to change how we mount OverlayFS. Right now we
> mount it on top of root, but we could be more explicit about mounting
I was going to ask about that. Could we just overlay less?
The second question is: would a non-persistent overlay be useful?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | IoT architect [
] mcr at sandelman.ca http://www.sandelman.ca/ | ruby on rails [
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20210220/c36527cd/attachment.sig>
More information about the openbmc
mailing list