https://bugzilla.novell.com/show_bug.cgi?id=308867 User lnussel@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=308867#c23 --- Comment #23 from Ludwig Nussel <lnussel@novell.com> 2008-11-07 08:16:10 MST --- (In reply to comment #22 from Szabolcs Szakacsits)
A Fedora user noticed that if ntfs-3g and everything else is configured the documented way for unprivileged mounts to mount NTFS volumes then users can indeed mount unprivileged any NTFS volume. This was the intended behavior by design for those who needed this feature by explicit configuration (not default) but the user believed it is a security problem. [...] During the same time Ludwig Nussel from SUSE has found an unrelated, real local root exploit (much higher severity). This was never disclosed to the public but the incorrect security advisory is used today as a proxy. The CVE is still not analysed/confirmed.
You are right. I've dug up the discussions in the mail archive. Indeed CVE-2007-5376 has been assigned to problem I discovered and the plan was to reject CVE-2007-5159. This never actually happened though. Feel free to tell mitre (cve@mitre.org) to correct their descriptions.
Please note, the above doesn't mean setuid-root use would be encouraged by NTFS-3G. Actually just the opposite.
Good to hear :-)
The user/user fstab option issue could be fixed if mount(8) called the mount.ntfs-3g mount helper privileged. Otherwise setuid-root ntfs-3g is required.
Yeah, other mount helpers would benefit from that too. One can't just change the semantics for current helpers though so one would need a directory where helpers with new sematics can be installed. Upstream is not opposed to this idea IIRC. There just is noone pushing an actual implementation. There are also efforts from the kernel side to allow pure user mounts without privileges. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.