Ygtjki

Why is so much work done on numerical verification of the Riemann Hypothesis?

What's the name of the logical fallacy where a debater extends a statement far beyond the original statement to make it true?

It grows, but water kills it

Does "he squandered his car on drink" sound natural?

Microchip documentation does not label CAN buss pins on micro controller pinout diagram

How do you make your own symbol when Detexify fails?

How much theory knowledge is actually used while playing?

Why do ¬, ∀ and ∃ have the same precedence?

What features enable the Su-25 Frogfoot to operate with such a wide variety of fuels?

How can ping know if my host is down

Has the laser at Magurele, Romania reached a tenth of the Sun's power?

Multiplicative persistence

US tourist/student visa

Is this part of the description of the Archfey warlock's Misty Escape feature redundant?

How does electrical safety system work on ISS?

Which was the first story featuring espers?

Shouldn’t conservatives embrace universal basic income?

Creating two special characters

PTIJ: Why is Haman obsessed with Bose?

Why does Carol not get rid of the Kree symbol on her suit when she changes its colours?

What does Apple's new App Store requirement mean

Taxes on Dividends in a Roth IRA

Delete multiple columns using awk or sed

Is it allowed to activate the ability of multiple planeswalkers in a single turn?

Does `sshfs -o allow_root` open any security holes? Why isn't allow_root enabled by default?

1

allow_root

This option is similar to allow_other but file access is limited to the user mounting the filesystem and root. This option and allow_other are mutually exclusive.

From mount.fuse(8)

If the platform matters, assume that I'm on the latest version of FUSE and Linux.

linux security sshfs fuse

share|improve this question

asked Mar 17 at 0:37

NavinNavin

150111

add a comment | 

1

allow_root

This option is similar to allow_other but file access is limited to the user mounting the filesystem and root. This option and allow_other are mutually exclusive.

From mount.fuse(8)

If the platform matters, assume that I'm on the latest version of FUSE and Linux.

linux security sshfs fuse

share|improve this question

asked Mar 17 at 0:37

NavinNavin

150111

add a comment | 

allow_root

This option is similar to allow_other but file access is limited to the user mounting the filesystem and root. This option and allow_other are mutually exclusive.

From mount.fuse(8)

If the platform matters, assume that I'm on the latest version of FUSE and Linux.

linux security sshfs fuse

share|improve this question

asked Mar 17 at 0:37

NavinNavin

150111

share|improve this question

asked Mar 17 at 0:37

NavinNavin

150111

share|improve this question

asked Mar 17 at 0:37

NavinNavin

150111

asked Mar 17 at 0:37

NavinNavin

150111

asked Mar 17 at 0:37

NavinNavin

150111

1 Answer
1

active

oldest

votes

0

When you use this option, you're giving the system administrator(s) of this machine access to your files on the remote server, which they wouldn't have if they don't have their own accounts on that server.

But since root has access to everything on this client machine, they don't really need your permission. They can use su to changed to your userid, and then they'll be able to access anything you can access.

So this just makes things easier for the superuser. This is useful if you're the sole user of the machine, so root is really yourself, and you want to be able to access your SSHFS filesystems while using sudo.

share|improve this answer

edited 21 hours ago

answered yesterday

BarmarBarmar

7,0821424

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I haven't studied the problem in depth, but I have the hunch that the existence of the allow_root option is an accomodation made for sudo-maniacs rather than anything else -- they were trying to use sudo command /path/to/remote/file directly, failed, so this option was added to make them happy.
  
  – mosvy
  yesterday
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  It probably makes sense for single-user machines, where root is essentially the same user. Although then allow_other is also reasonable.
  
  – Barmar
  yesterday
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  In other words, it gives users a false sense of security. Root doesn't care about your private key or password; root can just login as you with su and access your mounted FUSE filesystems. Dunno why you mention keyloggers.
  
  – Navin
  22 hours ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I was thinking about root mounting your filesystem without you, so it would need your SSH credentials, but that's not what this is about.
  
  – Barmar
  21 hours ago
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f506753%2fdoes-sshfs-o-allow-root-open-any-security-holes-why-isnt-allow-root-enabled%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

0

When you use this option, you're giving the system administrator(s) of this machine access to your files on the remote server, which they wouldn't have if they don't have their own accounts on that server.

But since root has access to everything on this client machine, they don't really need your permission. They can use su to changed to your userid, and then they'll be able to access anything you can access.

So this just makes things easier for the superuser. This is useful if you're the sole user of the machine, so root is really yourself, and you want to be able to access your SSHFS filesystems while using sudo.

share|improve this answer

edited 21 hours ago

answered yesterday

BarmarBarmar

7,0821424

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I haven't studied the problem in depth, but I have the hunch that the existence of the allow_root option is an accomodation made for sudo-maniacs rather than anything else -- they were trying to use sudo command /path/to/remote/file directly, failed, so this option was added to make them happy.
  
  – mosvy
  yesterday
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  It probably makes sense for single-user machines, where root is essentially the same user. Although then allow_other is also reasonable.
  
  – Barmar
  yesterday
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  In other words, it gives users a false sense of security. Root doesn't care about your private key or password; root can just login as you with su and access your mounted FUSE filesystems. Dunno why you mention keyloggers.
  
  – Navin
  22 hours ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I was thinking about root mounting your filesystem without you, so it would need your SSH credentials, but that's not what this is about.
  
  – Barmar
  21 hours ago
  

  
  
  
  

add a comment | 

0

When you use this option, you're giving the system administrator(s) of this machine access to your files on the remote server, which they wouldn't have if they don't have their own accounts on that server.

But since root has access to everything on this client machine, they don't really need your permission. They can use su to changed to your userid, and then they'll be able to access anything you can access.

So this just makes things easier for the superuser. This is useful if you're the sole user of the machine, so root is really yourself, and you want to be able to access your SSHFS filesystems while using sudo.

share|improve this answer

edited 21 hours ago

answered yesterday

BarmarBarmar

7,0821424

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I haven't studied the problem in depth, but I have the hunch that the existence of the allow_root option is an accomodation made for sudo-maniacs rather than anything else -- they were trying to use sudo command /path/to/remote/file directly, failed, so this option was added to make them happy.
  
  – mosvy
  yesterday
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  It probably makes sense for single-user machines, where root is essentially the same user. Although then allow_other is also reasonable.
  
  – Barmar
  yesterday
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  In other words, it gives users a false sense of security. Root doesn't care about your private key or password; root can just login as you with su and access your mounted FUSE filesystems. Dunno why you mention keyloggers.
  
  – Navin
  22 hours ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I was thinking about root mounting your filesystem without you, so it would need your SSH credentials, but that's not what this is about.
  
  – Barmar
  21 hours ago
  

  
  
  
  

add a comment | 

When you use this option, you're giving the system administrator(s) of this machine access to your files on the remote server, which they wouldn't have if they don't have their own accounts on that server.

But since root has access to everything on this client machine, they don't really need your permission. They can use su to changed to your userid, and then they'll be able to access anything you can access.

So this just makes things easier for the superuser. This is useful if you're the sole user of the machine, so root is really yourself, and you want to be able to access your SSHFS filesystems while using sudo.

share|improve this answer

edited 21 hours ago

answered yesterday

BarmarBarmar

7,0821424

share|improve this answer

edited 21 hours ago

answered yesterday

BarmarBarmar

7,0821424

answered yesterday

BarmarBarmar

7,0821424

answered yesterday

BarmarBarmar

7,0821424