diff options
Diffstat (limited to 'internal/fusefrontend/xattr_linux.go')
| -rw-r--r-- | internal/fusefrontend/xattr_linux.go | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/internal/fusefrontend/xattr_linux.go b/internal/fusefrontend/xattr_linux.go new file mode 100644 index 0000000..ebe42b1 --- /dev/null +++ b/internal/fusefrontend/xattr_linux.go @@ -0,0 +1,15 @@ +// +build linux + +// Package fusefrontend interfaces directly with the go-fuse library. +package fusefrontend + +import "strings" + +// Only allow the "user" namespace, block "trusted" and "security", as +// these may be interpreted by the system, and we don't want to cause +// trouble with our encrypted garbage. +const xattrUserPrefix = "user." + +func disallowedXAttrName(attr string) bool { + return !strings.HasPrefix(attr, xattrUserPrefix) +} |