GNU bug report logs - #46980
ntfs-3g and setuid root with an external FUSE library

Package: guix;

Reported by: Abdelhakim Qbaich <abdelhakim <at> qbaich.com>

Date: Sun, 7 Mar 2021 00:32:01 UTC

Severity: normal

View this message in rfc822 format

From: Abdelhakim Qbaich <abdelhakim <at> qbaich.com>
To: 46980 <at> debbugs.gnu.org
Subject: bug#46980: ntfs-3g and setuid root with an external FUSE library
Date: Sat, 6 Mar 2021 14:24:32 -0800

Hi,

In the default set of desktop services, ntfs-3g is made setuid root:

> (simple-service 'mount-setuid-helpers setuid-program-service-type
>                 (list (file-append nfs-utils "/sbin/mount.nfs")
>                       (file-append ntfs-3g "/sbin/mount.ntfs-3g")))

However, as it is built with:

> "--with-fuse=external" ;use our own FUSE

Running mount.ntfs-3g yields:

> Mount is denied because setuid and setgid root ntfs-3g is insecure
> with the external FUSE library. Either remove the setuid/setgid bit
> from the binary or rebuild NTFS-3G with integrated FUSE support and
> make it setuid root.

-- 
Abdelhakim Qbaich

This bug report was last modified 1 year and 192 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #46980 ntfs-3g and setuid root with an external FUSE library

GNU bug report logs - #46980
ntfs-3g and setuid root with an external FUSE library