Nikolaus wrote:
> > https://bugs.launchpad.net/ubuntu/+source/gvfs/+bug/225361/comments/11
> > I understand this configuration of FUSE has been chosen because of
> > security concerns, as opposed to using its allow_users or allow_root
> > options.
>
> This is not a valid concern. In Ubuntu, allow_root is by default
> enabled in /etc/fuse.conf.

In my untouched 8.04 /etc/fuse.conf, both mount_max and user_allow_other
are commented out, meaning the file has no active options.

> So even if gvfs does not use --allow-root, a malicious user can simply
> mount a filesystem of his choice manually and with --allow-root.

It's my understanding that Ubuntu have set up automounting of user
filesystems (non-FUSE ones) so a malicious user can have root mount
their concocted filesystem anyway, so I'm not sure what the current
troublesome, non-Unix, FUSE configuration is protecting us from?