Drop setuid bit from /bin/ntfs-3g

Bug #1821250 reported by Chris Coulson on 2019-03-21
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ntfs-3g (Ubuntu)
Undecided
Chris Coulson
Xenial
Undecided
Chris Coulson
Bionic
Undecided
Chris Coulson
Cosmic
Undecided
Chris Coulson

Bug Description

/bin/ntfs-3g has been installed as setuid-root since xenial, but this is discouraged upstream (see https://www.tuxera.com/community/ntfs-3g-faq/#useroption) and recently contributed to CVE-2019-9755 (https://usn.ubuntu.com/3914-1/). As a hardening improvement, this should not be setuid.

[ Test case ]
Upgrade ntfs-3g and then mount, use and unmount your NTFS volumes as usual.

[ Regression potential ]
This does break one use-case - unprivileged users will not be able to mount NTFS image files. Based on discussions offline, we think this is an edge case and consider it to be an acceptable trade-off. As far as I'm aware, there are no other use-cases that are broken by this change. It doesn't affect automounting of removable volumes or mounting of NTFS block devices (which unprivileged users can't mount anyway). Administrators that want to allow unprivileged users to mount NTFS image files can change the permissions of /bin/ntfs-3g using dpkg-statoverride.

Changed in ntfs-3g (Ubuntu):
status: New → Fix Released
assignee: nobody → Chris Coulson (chrisccoulson)
Changed in ntfs-3g (Ubuntu Xenial):
assignee: nobody → Chris Coulson (chrisccoulson)
Changed in ntfs-3g (Ubuntu Bionic):
assignee: nobody → Chris Coulson (chrisccoulson)
Changed in ntfs-3g (Ubuntu Cosmic):
assignee: nobody → Chris Coulson (chrisccoulson)
description: updated
tags: added: verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-xenial
Chris Coulson (chrisccoulson) wrote :

Note that the security team intends to copy these updates to the security pockets after the SRU verification has been completed.

description: updated
tags: added: verification-done verification-done-bionic verification-done-cosmic verification-done-xenial
removed: verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-xenial
Łukasz Zemczak (sil2100) wrote :

Hey Chris! Do you need any action performed on this package? Or will you copy it over soon?

Changed in ntfs-3g (Ubuntu Xenial):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ntfs-3g - 1:2017.3.23-2ubuntu0.18.04.2

---------------
ntfs-3g (1:2017.3.23-2ubuntu0.18.04.2) bionic-security; urgency=medium

  * Fix LP: #1821250 - Don't install /bin/ntfs-3g as setuid root. If
    administrators want to allow unprivileged users to be able to mount NTFS
    images, they can restore this functionality by changing the permissions of
    /bin/ntfs-3g with dpkg-statoverride
    - update debian/ntfs-3g.postinst

 -- Chris Coulson <email address hidden> Thu, 21 Mar 2019 21:33:01 +0000

Changed in ntfs-3g (Ubuntu Bionic):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ntfs-3g - 1:2015.3.14AR.1-1ubuntu0.3

---------------
ntfs-3g (1:2015.3.14AR.1-1ubuntu0.3) xenial-security; urgency=medium

  * Fix LP: #1821250 - Don't install /bin/ntfs-3g as setuid root. If
    administrators want to allow unprivileged users to be able to mount NTFS
    images, they can restore this functionality by changing the permissions of
    /bin/ntfs-3g with dpkg-statoverride
    - update debian/ntfs-3g.postinst

 -- Chris Coulson <email address hidden> Thu, 21 Mar 2019 21:33:36 +0000

Changed in ntfs-3g (Ubuntu Xenial):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ntfs-3g - 1:2017.3.23-2ubuntu0.18.10.2

---------------
ntfs-3g (1:2017.3.23-2ubuntu0.18.10.2) cosmic-security; urgency=medium

  * Fix LP: #1821250 - Don't install /bin/ntfs-3g as setuid root. If
    administrators want to allow unprivileged users to be able to mount NTFS
    images, they can restore this functionality by changing the permissions of
    /bin/ntfs-3g with dpkg-statoverride
    - update debian/ntfs-3g.postinst

 -- Chris Coulson <email address hidden> Thu, 21 Mar 2019 21:23:27 +0000

Changed in ntfs-3g (Ubuntu Cosmic):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers