Comment 45 for bug 225361

Ralph Corderoy <email address hidden> writes:
> Nikolaus wrote:
>> >
>> > I understand this configuration of FUSE has been chosen because of
>> > security concerns, as opposed to using its allow_users or allow_root
>> > options.
>> This is not a valid concern. In Ubuntu, allow_root is by default
>> enabled in /etc/fuse.conf.
> In my untouched 8.04 /etc/fuse.conf, both mount_max and
> user_allow_other are commented out, meaning the file has no active
> options.

Hmm. I'm running 8.04 as well, and here it is enabled. I don't
remember changing it either. However, this is not a fresh install but
has been upgraded several times, so maybe the setting survived from an
older release.

>> So even if gvfs does not use --allow-root, a malicious user can simply
>> mount a filesystem of his choice manually and with --allow-root.
> It's my understanding that Ubuntu have set up automounting of user
> filesystems (non-FUSE ones) so a malicious user can have root mount
> their concocted filesystem anyway, so I'm not sure what the current
> troublesome, non-Unix, FUSE configuration is protecting us from?

Yes, I don't see any point in that either.

 »It is not worth an intelligent man's time to be in the majority.
  By definition, there are already enough people to do that.«
                                                         -J.H. Hardy

  PGP fingerprint: 5B93 61F8 4EA2 E279 ABF6 02CF A9AD B7F8 AE4E 425C