Privileged mounts

Key

local.privileged-mounts (Since 1.7.0)

Description

Controls whether multipass mount is allowed.

Because mounts are performed as privileged users (root on Linux and macOS, SYSTEM on Windows), they allow write access to the whole host operating system. On Linux and macOS, only privileged users (members of sudo, wheel, admin groups) can use Multipass, so this isn’t a concern.

On Windows mounts are disabled by default, as anyone with TCP access to localhost (127.0.0.1) can use Multipass, and by extension, gets access to the whole file system.

Allowed values

Any case variations of on|off, yes|no, 1|0, and true|false.

Examples

multipass set local.privileged-mounts=Yes

Default

  • true on Linux and macOS
  • false on Windows

Last updated a month ago.