Project

General

Profile

Bug #21

Method of mounting may be exploited

Added by Kyle Marek over 7 years ago.

Status:
New
Priority:
High
Assignee:
-
Target version:
Start date:
09/30/2014
Due date:
% Done:

0%


Description

On Linux, root access is required to mount volumes despite the supposed use of FUSE. This may be exploited through other bugs in order to gain root access to the system. It has also been pointed out that some Linux systems mount volumes with the setuid flag, which may also be used to gain root access once the volume is mounted.

This issue is also discussed on https://github.com/CipherShed/CipherShed/issues/29

Also available in: Atom PDF