diff options
| author |  Miklos Szeredi <miklos@szeredi.hu> | 2004-07-24 13:47:44 +0000 |
|---|---|---|
| committer | Miklos Szeredi <miklos@szeredi.hu> | 2004-07-24 13:47:44 +0000 |
| commit | d66d3947d5d4fdda0bdde3f5299553673d4ee64e (patch) | |
| tree | d3c149cf8b00c61b605092ba48bee8efbc42ae81 /README | |
| parent | 103a89f37a47e63c41b23f8b8101bb244981497b (diff) | |
security fix
Diffstat (limited to 'README')
| -rw-r--r-- | README | 13 |
1 files changed, 0 insertions, 13 deletions
@@ -77,16 +77,3 @@ doing nasty things. Currently those limitations are: - No other user (including root) can access the contents of the mounted filesystem. - -Currently the first two conditions are checked by the fusermount -program before doing the mount. This is in fact not perfectly secure, -since there is a window of time, after fusermount has checked the -mountpoint and before the mount actually takes place, when the user is -able to change the mountpoint (e.g. by changing symbolic links). - -The preferred method would be if the kernel would check the -permissions. There is a patch for this for the 2.6.X kernel (where X ->= 3) in the patch directory. If you apply this patch then the suid -bit can be removed from the fusermount program. - -Comments about this are appreciated. |