[Bug 173345] Review Request: fuse
bugzilla at redhat.com
bugzilla at redhat.com
Wed Nov 16 19:37:15 UTC 2005
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: fuse
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173345
miklos at szeredi.hu changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |miklos at szeredi.hu
------- Additional Comments From miklos at szeredi.hu 2005-11-16 14:37 EST -------
Hi Thorsten,
Thanks for packaging FUSE.
About security: FUSE has been designed in a way, that even malicious users
can't cause problems. This is modulo any unknown bugs of course. To date there
has been only one security bug found (an information leak) and fixed in 2.3.0
that could be exploited by a hostile user.
So restricting mounting to a subset of users IMO just makes administration
harder. So at least it should be documented that it's an option for the
sysadmin to change the mode of /usr/bin/fusermount to 4755 instead of having to
individually add users to the fuse group.
Thanks,
Miklos
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the fedora-extras-list
mailing list