Comment 43 for bug 225361
Revision history for this message
| Nikolaus Rath (nikratio) wrote Re: [Bug 225361] Re: ~/.gvfs causes various errors | #43 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
Ralph Corderoy <email address hidden> writes:
> Nikolaus Rath and S B, take a look at my earlier comment
> https:/
> understand this configuration of FUSE has been chosen because of
> security concerns, as opposed to using its allow_users or allow_root
> options.
This is not a valid concern. In Ubuntu, allow_root is by default
enabled in /etc/fuse.conf. So even if gvfs does not use --allow-root,
a malicious user can simply mount a filesystem of his choice manually
and with --allow-root.
If --allow-root poses a security risk, it has to be disabled in
/etc/fuse.conf and not in individual applications that happen to call
fuse.
Best,
-Nikolaus
--
»It is not worth an intelligent man's time to be in the majority.
By definition, there are already enough people to do that.«
PGP fingerprint: 5B93 61F8 4EA2 E279 ABF6 02CF A9AD B7F8 AE4E 425C