Am 14.06.2021 um 16:44 hat Max Reitz geschrieben: > Hi, > > With the default mount options, FUSE mounts are not accessible to any > users but the one who did the mount, not even to root. To allow such > accesses, allow_other must be passed. > > This is probably useful to some people (it certainly is to me, e.g. when > exporting some image as my normal user, and then trying to loop mount it > as root), so this series adds a QAPI allow-other bool that will make the > FUSE export code pass allow_other,default_permissions to FUSE. > > (default_permissions will make the kernel do the usual UNIX permission > checks, which is something that makes a lot of sense when allowing other > users access to the export.) > > This also requires our SETATTR code to be able to handle permission > changes, though, so the user can then run chmod/chown/chgrp on the > export to adjust its permissions to their need. > > The final patch adds a test.
If there is even a use case for leaving the option off (not trusting root?), it must certainly be the less common case? So I'm not sure if allow-other should be an option at all, but if it is, enabling it by default would make more sense to me. Is there a reason why you picked false as the default, except that it is the old behaviour? Kevin
