I don't think most shells will expand the tilde when it's not at the
start of a word like that.
$ echo --exclude=~/foo
--exclude=~/foo
$
The problem here isn't that the issue can't be worked around, typically
adding an --exclude or several as Chris Hines points out, but that it
shouldn't be neccessary; the basic Unix premise that root can stat the
inode has been broken.
I assume that FUSE's allow_users and allow_root options aren't being
used because they'd allow a plain user to DoS root. However, isn't a
plain user already allowed to plug in a USB flash drive with a
filesystem on it and have the system mount that? Do all filesystems
rigorously detect hierarchy loops, etc., caused by a malicious user
tweaking the filesystem's structures manually before the system kindly
mounting it for them; something normally only root could do?
> what about --exclude=~/.gvfs ?
I don't think most shells will expand the tilde when it's not at the
start of a word like that.
$ echo --exclude=~/foo
--exclude=~/foo
$
The problem here isn't that the issue can't be worked around, typically
adding an --exclude or several as Chris Hines points out, but that it
shouldn't be neccessary; the basic Unix premise that root can stat the
inode has been broken.
I assume that FUSE's allow_users and allow_root options aren't being
used because they'd allow a plain user to DoS root. However, isn't a
plain user already allowed to plug in a USB flash drive with a
filesystem on it and have the system mount that? Do all filesystems
rigorously detect hierarchy loops, etc., caused by a malicious user
tweaking the filesystem's structures manually before the system kindly
mounting it for them; something normally only root could do?