diff options
author | gVisor bot <gvisor-bot@google.com> | 2020-07-23 16:34:09 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-07-23 16:34:09 -0700 |
commit | 5e34ee68c93888eba3d56a2b713dbeebf406efa3 (patch) | |
tree | 85cd3b1bc8854d893e74e12788fe02ecbe8e7675 /pkg/sentry/vfs/options.go | |
parent | 8fed97794edcbaa7069dbd39604030e4fbb6891c (diff) | |
parent | 2f78c487f17e12dfee08214311c500073cb03fde (diff) |
Merge pull request #3024 from ridwanmsharif:ridwanmsharif/fuse-stub-impl
PiperOrigin-RevId: 322890087
Diffstat (limited to 'pkg/sentry/vfs/options.go')
-rw-r--r-- | pkg/sentry/vfs/options.go | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/pkg/sentry/vfs/options.go b/pkg/sentry/vfs/options.go index f223aeda8..d37208a1f 100644 --- a/pkg/sentry/vfs/options.go +++ b/pkg/sentry/vfs/options.go @@ -79,6 +79,17 @@ type MountFlags struct { // NoATime is equivalent to MS_NOATIME and indicates that the // filesystem should not update access time in-place. NoATime bool + + // NoDev is equivalent to MS_NODEV and indicates that the + // filesystem should not allow access to devices (special files). + // TODO(gVisor.dev/issue/3186): respect this flag in non FUSE + // filesystems. + NoDev bool + + // NoSUID is equivalent to MS_NOSUID and indicates that the + // filesystem should not honor set-user-ID and set-group-ID bits or + // file capabilities when executing programs. + NoSUID bool } // MountOptions contains options to VirtualFilesystem.MountAt(). |