Bug 215797 - fs/fuse : allow_other & allow_root not restricted to root
Summary: fs/fuse : allow_other & allow_root not restricted to root
Status: Closed Feedback Timeout
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-fs (Nobody)
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2017-01-05 14:35 UTC by Ben RUBSON
Modified: 2017-01-25 10:17 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ben RUBSON 2017-01-05 14:35:47 UTC
Hello,

From Linux mount.fuse(8) :
CONFIGURATION
  Some options regarding mount policy can be set in /etc/fuse.conf :
    user_allow_other
      Allow non-root users to specify allow_other or allow_root options 

From FreeBSD mount_fusefs(8) :
allow_other
  Do not apply STRICT ACCESS POLICY. Only root can use this option.

I would like to see the Linux behaviour under FreeBSD, being able to allow non-root users to use allow_other/allow_root option.

I then also think that it could be interesting to support allow_root :
allow_root
  This option is similar to allow_other but file access is limited to the user mounting the filesystem and root. This option and allow_other are mutually exclusive.

I need Fuse FS mounted by non-root users to be available to root (at least the very first dir).
I then use this dirty quick tweak :

--- sys/fs/fuse/fuse_internal.c.orig
+++ sys/fs/fuse/fuse_internal.c
@@ -142,7 +142,7 @@
 			int denied = fuse_match_cred(data->daemoncred,
 			    cred);
 
-			if (denied) {
+			if (denied && (cred->cr_uid)) {
 				return EPERM;
 			}
 		}

Would then be nice to be officially supported.

Many thanks !

Ben
Comment 1 Ben RUBSON 2017-01-25 10:17:37 UTC
I close this issue as I have found a workaround for my use-case, and as I'm the only one to follow it.
If one is interested by such a feature, feel free to re-open this/a case !
Ben