Bug #21
Method of mounting may be exploited
Start date:
09/30/2014
Due date:
% Done:
0%
Description
On Linux, root access is required to mount volumes despite the supposed use of FUSE. This may be exploited through other bugs in order to gain root access to the system. It has also been pointed out that some Linux systems mount volumes with the setuid flag, which may also be used to gain root access once the volume is mounted.
This issue is also discussed on https://github.com/CipherShed/CipherShed/issues/29