>I don't see the benefit of using 'FUSE' from a security perspective.
Well you'd better tell the authors of libguestfs then (largely RedHat) as security seems to be its main intention.
If you're saying that an exploit granting access to a user space program is just as dangerous as it having access to kernel space, I think most people would disagree with you.
The point is not whether or not the user wants to mount the device - let's take it for granted that they do, so confirmation is irrelevant. It's whether that USB stick that was just handed to them at a conference is able to directly exploit their kernel on insertion through a specially crafted filesystem.
"Just fix"ing "the code" in this case means "always getting all filesystem code 100% right 100% of the time".