On Feb 2, 2:41 pm, "Jack Taranto" <[EMAIL PROTECTED]> wrote:
> $ sudo sysctl -w macfuse.tunables.admin_group=0 # set > > Presumably group 0, as 0 is root - did not work. Upon a reboot, (using # > get) it was still only showing group 80. > > I'm not sure how to get it to stay? > It's not meant to "stay" across reboots. The setting lives in the MacFUSE kernel extension's memory. Therefore, it's volatile across reboots. > Allowing root access to something like a drive's contents can't seriously be > too risky when root has access to everything else? It *seriously* is too risky. You say that "root has access to everything..." -- indeed, *that* is the problem. Normally, the file system lives in the kernel--it's a trusted component (at least much more trusted than random programs you download and run.) With MacFUSE, the role of the file system remains similar, but its implementation changes drastically. Now, file systems *can* be random programs you download. Now think what happens if a random file system crashes, hangs, misbehaves otherwise. Programs running as root that happen to be accessing such a file system will be adversely affected. In particular, a user-space file system can make *other programs* hang. Some of these programs running as root could be system components, so your entire system may hang or misbehave. That is a fundamental security issue and that's why it is "too risky"--not because of the reasons I think you're imagining. Amit --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "macfuse-devel" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/macfuse-devel?hl=en -~----------~----~----~----~------~----~------~--~---
