GNU bug report logs - #46980
ntfs-3g and setuid root with an external FUSE library

Previous Next

To reply to this bug, email your comments to 46980 AT debbugs.gnu.org.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Abdelhakim Qbaich <abdelhakim <at> qbaich.com>
To: bug-guix <at> gnu.org
Subject: ntfs-3g and setuid root with an external FUSE library
Date: Sat, 6 Mar 2021 14:24:32 -0800

Hi,

In the default set of desktop services, ntfs-3g is made setuid root:

> (simple-service 'mount-setuid-helpers setuid-program-service-type
>                 (list (file-append nfs-utils "/sbin/mount.nfs")
>                       (file-append ntfs-3g "/sbin/mount.ntfs-3g")))

However, as it is built with:

> "--with-fuse=external" ;use our own FUSE

Running mount.ntfs-3g yields:

> Mount is denied because setuid and setgid root ntfs-3g is insecure
> with the external FUSE library. Either remove the setuid/setgid bit
> from the binary or rebuild NTFS-3G with integrated FUSE support and
> make it setuid root.

-- 
Abdelhakim Qbaich

Message #8 received at 46980 <at> debbugs.gnu.org (full text, mbox):

From: William <willbilly <at> fedora.email>
To: 46980 <at> debbugs.gnu.org, abdelhakim <at> qbaich.com
Subject: ntfs-3g and setuid root with an external FUSE library
Date: Mon, 4 Mar 2024 20:27:39 +0100

Hello.

Reminder that this issue is still a thing, I'm unable to mount NTFS
partitions at boot because ntfs-3g relies on the external FUSE kernel
module and refuses to run with setuid right now.

The only two possible workarounds I can see is either manually mounting
the partition after boot as sudo/superuser, or compile ntfs-3g modified
locally with the FUSE support enabled, and use the modified version
instead.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.