Plugging in USB sticks, building VM images, and unprivileged containers all give rise to a situation where users are mounting and dealing with filesystem images they have not built themselves, and don't necessarily want to trust.
This leads to the problem of how to mount and read/write those filesystems without opening yourself up to more risk than visiting a web page.
I will survey what has been built already, describe what the technical challenges and describe the problems ahead.
With this talk I hope to unite the various groups across the linux ecosystem that care about this problem and get the discussion started on how we can move forward.
|I agree to abide by the anti-harassment policy