fuse: incorrect file access permissions
| Package(s): | fuse |
CVE #(s): | |
| Created: | September 26, 2007 |
Updated: | September 26, 2007 |
| Description: |
It was discovered that members of the group fuse can get access to devices which they normally
should not have access to. For ntfs-3g mounts, this was because /sbin/mount.ntfs-3g was setuid
root. This update fixes /sbin/mount.ntfs-3g so that it is no longer has the setuid bit enabled.
The fuse package is also being updated to correct an error in the previous testing package which
incorrectly changed the permissions on /dev/fuse. |
| Alerts: |
|
