fuse.conf permission denied

Bug #794494 reported by Manuel López-Ibáñez on 2011-06-08
312
This bug affects 14 people
Affects Status Importance Assigned to Milestone
fuse (Ubuntu)
Medium
Dimitri John Ledkov

Bug Description

For some reason,

-rw-r----- 1 root fuse 215 2011-06-08 12:59 /etc/fuse.conf

However, users are not created by default members of fuse group. Moreover:

adduser manu fuse

leads still to

fusermount: failed to open /etc/fuse.conf: Permission denied
fusermount: option allow_other only allowed if 'user_allow_other' is set in /etc/fuse.conf

Expected: fuse.conf is readable by all

ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: fuse-utils 2.8.4-1.1ubuntu4
ProcVersionSignature: Ubuntu 2.6.38-8.42-generic-pae 2.6.38.2
Uname: Linux 2.6.38-8-generic-pae i686
NonfreeKernelModules: fglrx
Architecture: i386
Date: Wed Jun 8 13:04:55 2011
EcryptfsInUse: Yes
InstallationMedia: Kubuntu 11.04 "Natty Narwhal" - Release i386 (20110427)
ProcEnviron:
 LC_TIME=en_GB.UTF-8
 LANGUAGE=
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: fuse
UpgradeStatus: No upgrade log present (probably fresh install)

Ah! For adduser to take effect one has to login again! Anyway, why fuse.conf is not readable by all?

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in fuse (Ubuntu):
status: New → Confirmed
Anatol Pomozov (anatol) wrote :

I also do not see any reason why the file is not readable by all.

"chmod a+r fuse.conf" fixed the situation for me.

After installing vdfuse on Ubuntu 12.10 /etc/fuse.conf has a group id which I don't even find in /etc/groups.

Felipe Castillo (fcastillo.ec) wrote :

This bug is still present in Ubuntu 13.04
Setting fuse.conf as read to all fixed the problem.

Dimitri John Ledkov (xnox) wrote :

@Ubuntu Security team, can you comment on this bug report? Can /etc/fuse.conf contain password and the like?

Changed in fuse (Ubuntu):
assignee: nobody → Ubuntu Security Team (ubuntu-security)
information type: Public → Public Security
Marc Deslauriers (mdeslaur) wrote :

The fusermount binary should be 4755.

Could you please give the exact steps necessary to reproduce that error message?

Changed in fuse (Ubuntu):
status: Confirmed → Incomplete
Marc Deslauriers (mdeslaur) wrote :

Ah, it drops privs before trying to read the file.

There's nothing sensitive in that file, permissions can be relaxed to 644 in Ubuntu.

Changed in fuse (Ubuntu):
status: Incomplete → Confirmed
Dimitri John Ledkov (xnox) wrote :

@mdeslaur

Thanks a lot, will fix it up.

Changed in fuse (Ubuntu):
assignee: Ubuntu Security Team (ubuntu-security) → Dmitrijs Ledkovs (xnox)
importance: Undecided → Medium

Still broken in Ubuntu 14.04

jevgtv (tugevus) wrote :

I have the same problem on Ubuntu 14.04.3 LTS 64-bit

jevgtv (tugevus) wrote :

with encfs

Dimitri John Ledkov (xnox) wrote :

New installations get the right permissions, upgraded machines are not changed to 644 as far as I can see.

Changed in fuse (Ubuntu):
status: Confirmed → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package fuse - 2.9.4-1ubuntu2

---------------
fuse (2.9.4-1ubuntu2) xenial; urgency=medium

  * Upgrade /etc/fuse.conf permissions to current default of 0644. (LP: #794494)

 -- Dimitri John Ledkov <email address hidden> Tue, 23 Feb 2016 15:44:39 +0000

Changed in fuse (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers