From: Szabolcs S. <sz...@in...> - 2008-08-31 18:03:27
|
On Sun, 31 Aug 2008, Werner Baumann wrote: > I am concerned about security implications of uncontrolled usermounts > and measures to make them secure. Something like you find in > doc/kernel.txt in the fuse-package. > > In the ntfs-3g man page I find this: > > ntfs-3g is an NTFS driver, which can create, remove, rename, move files, > directories, hard links, and streams; it can read and write files, > including streams and sparse files; it can handle special files like > symbolic links, devices, and FIFOs; moreover it can also read > transparently compressed files. ... Access Handling and Security By > default, files and directories are owned by the effective user and group > of the mounting process and everybody has full read, write, execution and > directory browsing permissions. If you want to use permissions handling > then use the uid and/or the gid options together with the umask, or fmask > and dmask options. > > Compared with fuse, it looks like you dropped every security related > restriction. I checked doc/kernel.txt and I can't figure out what you mean we dropped. Please provide a specific exploit. Thank you. Szaka -- NTFS-3G: http://ntfs-3g.org |