On 24.04.20 г. 12:46 ч., Johannes Thumshirn wrote: > On 24/04/2020 11:37, Nikolay Borisov wrote: >> >> >> On 16.04.20 г. 17:24 ч., David Sterba wrote: >>> naming of the new checksums (hmac-sha256 or hmac-blake2 should be ok)> - key specification via mount option >> >> But the key shouldn't really be visible in /proc/mounts since it's >> readable by ordinary users, god knows how many more pseudo files there >> are which can provide the same situation. If the specification of the >> key is a reference to a loaded key then yes but otherwise I think that's >> a security risk, unless it's possible to hide passed options from >> /proc/mounts i.e pass it but make it internal to the filesystem ? > > No the key won't ever be passed to the mount command, only the key id: > > keyctl add logon btrfs:foo 0123456 @u > mount -t btrfs -o auth_key=btrfs:foo /dev/disk /mnt/point > > So /proc/mounts would only show the key id anyways. > > I think this is fine. > That's fine, yes.
