[Bug 1821250] [NEW] Drop setuid bit from /bin/ntfs-3g

Chris Coulson chris.coulson at canonical.com
Thu Mar 21 21:31:12 UTC 2019 

Public bug reported:

/bin/ntfs-3g has been installed as setuid-root since xenial, but this is
discouraged upstream (see https://www.tuxera.com/community/ntfs-3g-
faq/#useroption). As a hardening improvement, this should not be setuid.

This does break one use-case - unprivileged users will not be able to
mount NTFS image files. As far as I'm aware, there are no other use-
cases that are broken by this change. It doesn't affect automounting of
removable volumes or mounting of NTFS block devices (which unprivileged
users can't mount anyway). Administrators that want to allow
unprivileged users to mount NTFS image files can change the permissions
of /bin/ntfs-3g using dpkg-statoverride.

** Affects: ntfs-3g (Ubuntu)
     Importance: Undecided
     Assignee: Chris Coulson (chrisccoulson)
         Status: Fix Released

** Affects: ntfs-3g (Ubuntu Xenial)
     Importance: Undecided
     Assignee: Chris Coulson (chrisccoulson)
         Status: New

** Affects: ntfs-3g (Ubuntu Bionic)
     Importance: Undecided
     Assignee: Chris Coulson (chrisccoulson)
         Status: New

** Affects: ntfs-3g (Ubuntu Cosmic)
     Importance: Undecided
     Assignee: Chris Coulson (chrisccoulson)
         Status: New

** Also affects: ntfs-3g (Ubuntu Cosmic)
   Importance: Undecided
       Status: New

** Also affects: ntfs-3g (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Also affects: ntfs-3g (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: ntfs-3g (Ubuntu)
       Status: New => Fix Released

** Changed in: ntfs-3g (Ubuntu)
     Assignee: (unassigned) => Chris Coulson (chrisccoulson)

** Changed in: ntfs-3g (Ubuntu Xenial)
     Assignee: (unassigned) => Chris Coulson (chrisccoulson)

** Changed in: ntfs-3g (Ubuntu Bionic)
     Assignee: (unassigned) => Chris Coulson (chrisccoulson)

** Changed in: ntfs-3g (Ubuntu Cosmic)
     Assignee: (unassigned) => Chris Coulson (chrisccoulson)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ntfs-3g in Ubuntu.
https://bugs.launchpad.net/bugs/1821250

Title:
  Drop setuid bit from /bin/ntfs-3g

Status in ntfs-3g package in Ubuntu:
  Fix Released
Status in ntfs-3g source package in Xenial:
  New
Status in ntfs-3g source package in Bionic:
  New
Status in ntfs-3g source package in Cosmic:
  New

Bug description:
  /bin/ntfs-3g has been installed as setuid-root since xenial, but this
  is discouraged upstream (see https://www.tuxera.com/community/ntfs-3g-
  faq/#useroption). As a hardening improvement, this should not be
  setuid.

  This does break one use-case - unprivileged users will not be able to
  mount NTFS image files. As far as I'm aware, there are no other use-
  cases that are broken by this change. It doesn't affect automounting
  of removable volumes or mounting of NTFS block devices (which
  unprivileged users can't mount anyway). Administrators that want to
  allow unprivileged users to mount NTFS image files can change the
  permissions of /bin/ntfs-3g using dpkg-statoverride.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntfs-3g/+bug/1821250/+subscriptions

More information about the foundations-bugs mailing list