forked from TrueCloudLab/restic
830511460a
This commit changes the logic slightly: checking the permissions in the fuse mount when nobody else besides the current user can access the fuse mount does not sense. The current user has access to the repo files in addition to the password, so they can access all data regardless of what the fuse mount does. Enabling `--allow-root` allows the root user to access the files in the fuse mount, for this user no permission checks will be done anyway. The code now enables `DefaultPermissions` automatically when `--allow-other` is set, it can be disabled with `--no-default-permissions` to restore the old behavior.
11 lines
503 B
Text
11 lines
503 B
Text
Enhancement: mount: Enforce FUSE Unix permissions with allow-other
|
|
|
|
The fuse mount (`restic mount`) now lets the kernel check the permissions of
|
|
the files within snapshots (this is done through the `DefaultPermissions` FUSE
|
|
option) when the option `--allow-other` is specified.
|
|
|
|
To restore the old behavior, we've added the `--no-default-permissions` option.
|
|
This allows all users that have access to the mount point to access all
|
|
files within the snapshots.
|
|
|
|
https://github.com/restic/restic/pull/2017
|