-
Welcome
-
Subscribe to
Sponsors
PLATINUM SPONSORS
GOLD SPONSORS
SILVER SPONSORS
T-SHIRT SPONSOR
EVENT SPONSORS
MEDIA SPONSORS
FUSE mounts from user namespaces
This proposal has been accepted as a session.
One Line Summary
Status update and demo of mounting filesystems from unprivileged containers using FUSE
Abstract
Mounting of “normal” filesystems is not currently allowed from user namespaces due to the security concerns of handing untrusted data to in-kernel filesystem drivers. FUSE is different, since filesystem data is processed in userspace and interaction with the kernel happens only via well-defined interfaces. This makes it a logical first step for supporting user mounts in unprivileged containers.
This talk will give an update on the status of ongoing work to support FUSE mounts from user namespaces along with a short demo of mounting filesystems in an unprivileged container using FUSE.
Presentation Materials
slidesSpeaker
-
Seth Forshee
Canonical Group LtdBiography
Seth is a software engineer working at Canonical as part of the Ubuntu Kernel Team.
Sessions
-
- Title: FUSE mounts from user namespaces
- Microconference: Containers
- Time: 11:15am
-
One Line Summary:
Status update and demo of mounting filesystems from unprivileged containers using FUSE
- slides
- Speakers: Seth Forshee
-
