Comment by yencabulator

Huh. You're converting FUSE requests into your own custom protocol (with copy-pasted protocol definition) over vsock. Interesting. Not sure I'd trust it with my data[0], but interesting.

I don't think the current filepath.Join in realfs.go protects the host against a malicious guest, at all. I'm assuming this is configured as Guest --FUSE--> guest-fused (inside VM) --VSOCK--> realfs.

(The Firecracker people have explicitly refused to have virtio-fs, to keep it minimal: https://github.com/firecracker-microvm/firecracker/pull/1351...)

https://github.com/jingkaihe/matchlock/blob/123a4df680fb8cc0...

https://github.com/jingkaihe/matchlock/blob/123a4df680fb8cc0...

https://github.com/jingkaihe/matchlock/blob/123a4df680fb8cc0...

[0]: Well, I already know I won't trust hanwen/go-fuse with my data, so that part is a bit moot.