Specify fstype when mounting filesystems

[simondeziel]

There would be a (albeit small) security benefit in specifying which fstype we expect mount to use when trying to mount files obtained from external/untrusted sources. Here's the discussion I had on #ubuntu-security (mdeslaur is a member of the security team at Canonical):

sdeziel: Hello o/, I have a tool that runs as root and mount -o ro ISOs retrieved from external sources. I know that comes with a bunch of risks on its own but I'm wondering if there would be some benefits in specifying the fstype to use (mount -t iso9660 -o ro ...) to avoid mount (or the kernel?) having to (wrongly?) guess the fstype?
mdeslaur: sdeziel: filesystem flaws are common, if you specify it, you make sure someone isn't trying to exploit a known vulnerability in some arbitrary filesystem
sdeziel: mdeslaur: thanks!
mdeslaur: I guess that would reduce exposure a bit

I checked LXD code base, and it has helper functions always specifying the fstype so maybe there is a possibility of code reuse/copy here.