Jann Horn discovered that FUSE, a Filesystem in USErspace, allows the bypass of the user_allow_other restriction when SELinux is active (including in permissive mode). A local user can take advantage of this flaw in the fusermount utility to bypass the system configuration and mount a FUSE filesystem with the allow_other mount option.
Continue reading...
Continue reading...