Ralph Corderoy <[EMAIL PROTECTED]> writes:
> Nikolaus Rath and S B, take a look at my earlier comment
> https://bugs.launchpad.net/ubuntu/+source/gvfs/+bug/225361/comments/11 I
> understand this configuration of FUSE has been chosen because of
> security concerns, as opposed to using its allow_users or allow_root
> options.
This is not a valid concern. In Ubuntu, allow_root is by default
enabled in /etc/fuse.conf. So even if gvfs does not use --allow-root,
a malicious user can simply mount a filesystem of his choice manually
and with --allow-root.
If --allow-root poses a security risk, it has to be disabled in
/etc/fuse.conf and not in individual applications that happen to call
fuse.
Best,
-Nikolaus
--
»It is not worth an intelligent man's time to be in the majority.
By definition, there are already enough people to do that.«
-J.H. Hardy
PGP fingerprint: 5B93 61F8 4EA2 E279 ABF6 02CF A9AD B7F8 AE4E 425C
--
~/.gvfs causes various errors
https://bugs.launchpad.net/bugs/225361
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
