By default, other users, including root, cannot access a fuse mounted filesystem mounted by a user. One can give access to others by specifying '-o allow_other' (or allow_root) as a fuse option, but only if /etc/fuse.conf has 'user_allow_other'. On Ubuntu, this option is commented out. Furthermore, the regular DAC permissions appear to be in effect as the mounting user, so removing /var/crash/etc is not possible when a non-root user mounts /var/crash/etc to /etc.
I played with this and using fuse to have apport remove arbitrary files in this manner does not seem possible on Ubuntu. Specifically: apps.sourceforg e.net/mediawiki /fuse/index. php?title= FAQ#Why_ don.27t_ other_users_ have_access_ to_the_ mounted_ filesystem. 3F
http://
By default, other users, including root, cannot access a fuse mounted filesystem mounted by a user. One can give access to others by specifying '-o allow_other' (or allow_root) as a fuse option, but only if /etc/fuse.conf has 'user_allow_other'. On Ubuntu, this option is commented out. Furthermore, the regular DAC permissions appear to be in effect as the mounting user, so removing /var/crash/etc is not possible when a non-root user mounts /var/crash/etc to /etc.
Eg: */example/ fusexmp. c foo/etc/ shadow foo/etc/ shadow foo/etc/ shadow foo/etc/ shadow: Permission denied foo/etc/ shadow foo/etc/ shadow: Permission denied foo/etc/ shadow foo/etc/ shadow: Permission denied
$ sudo apt-get install libfuse-dev
$ apt-get source fuse
$ cp ./fuse-
$ cd /tmp
$ gcc -Wall `pkg-config fuse --cflags --libs` fusexmp.c -o fusexmp
$ mkdir /var/crash/foo
$ ./fusexmp -o allow_root -o nonempty /var/crash/foo
$ ls -l /var/crash/
-rw-r----- 1 root shadow 1310 2009-04-06 07:46 /var/crash/
$ cat /var/crash/
cat: /var/crash/
$ sudo cat /var/crash/
cat: /var/crash/
$ sudo su -
# cat /var/crash/
cat: /var/crash/
Fuse behavior will need to be reviewed on earlier releases of course, but please let me know if there this analysis is incorrect (I'm new to fuse).