Violently remove AllowRoot

As it never really worked (except maybe on macOS), I don't feel the need for any deprecation period. Apparently, the C libfuse magically converts `allow_root` into `allow_other` and a check on incoming request header UID. Three notes: 1) eww 2) I wish such a thing existed as documentation 3) we're not going to do magic. Fixes #144
bazil · Jan 17, 2020 · e0b8970 · e0b8970
1 parent d6840b2
commit e0b8970
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 56 deletions.
diff --git a/fuse.go b/fuse.go
@@ -90,8 +90,8 @@
 // inspect req.Pid, req.Uid, and req.Gid as necessary to implement
 // permission checking. The kernel FUSE layer normally prevents other
 // users from accessing the FUSE file system (to change this, see
-// AllowOther, AllowRoot), but does not enforce access modes (to
-// change this, see DefaultPermissions).
+// AllowOther), but does not enforce access modes (to change this, see
+// DefaultPermissions).
 //
 // Mount Options
 //

diff --git a/options.go b/options.go
@@ -148,37 +148,14 @@ func DaemonTimeout(name string) MountOption {
 	return daemonTimeout(name)
 }
 
-var ErrCannotCombineAllowOtherAndAllowRoot = errors.New("cannot combine AllowOther and AllowRoot")
-
 // AllowOther allows other users to access the file system.
-//
-// Only one of AllowOther or AllowRoot can be used.
 func AllowOther() MountOption {
 	return func(conf *mountConfig) error {
-		if _, ok := conf.options["allow_root"]; ok {
-			return ErrCannotCombineAllowOtherAndAllowRoot
-		}
 		conf.options["allow_other"] = ""
 		return nil
 	}
 }
 
-// AllowRoot allows root (but not just everyone) to access the file
-// system.
-//
-// Only one of AllowOther or AllowRoot can be used.
-//
-// FreeBSD ignores this option.
-func AllowRoot() MountOption {
-	return func(conf *mountConfig) error {
-		if _, ok := conf.options["allow_other"]; ok {
-			return ErrCannotCombineAllowOtherAndAllowRoot
-		}
-		conf.options["allow_root"] = ""
-		return nil
-	}
-}
-
 // AllowDev enables interpreting character or block special devices on the
 // filesystem.
 func AllowDev() MountOption {
@@ -202,7 +179,7 @@ func AllowSUID() MountOption {
 //
 // Without this option, the Node itself decides what is and is not
 // allowed. This is normally ok because FUSE file systems cannot be
-// accessed by other users without AllowOther/AllowRoot.
+// accessed by other users without AllowOther.
 //
 // FreeBSD ignores this option.
 func DefaultPermissions() MountOption {

diff --git a/options_test.go b/options_test.go
@@ -158,36 +158,6 @@ func TestMountOptionAllowOther(t *testing.T) {
 	// client.
 }
 
-func TestMountOptionAllowOtherThenAllowRoot(t *testing.T) {
-	maybeParallel(t)
-	mnt, err := fstestutil.MountedT(t, fstestutil.SimpleFS{fstestutil.Dir{}}, nil,
-		fuse.AllowOther(),
-		fuse.AllowRoot(),
-	)
-	if err == nil {
-		mnt.Close()
-	}
-	if g, e := err, fuse.ErrCannotCombineAllowOtherAndAllowRoot; g != e {
-		t.Fatalf("wrong error: %v != %v", g, e)
-	}
-}
-
-// TODO test AllowRoot; hard because needs system-level authorization
-
-func TestMountOptionAllowRootThenAllowOther(t *testing.T) {
-	maybeParallel(t)
-	mnt, err := fstestutil.MountedT(t, fstestutil.SimpleFS{fstestutil.Dir{}}, nil,
-		fuse.AllowRoot(),
-		fuse.AllowOther(),
-	)
-	if err == nil {
-		mnt.Close()
-	}
-	if g, e := err, fuse.ErrCannotCombineAllowOtherAndAllowRoot; g != e {
-		t.Fatalf("wrong error: %v != %v", g, e)
-	}
-}
-
 type unwritableFile struct{}
 
 func (f unwritableFile) Attr(ctx context.Context, a *fuse.Attr) error {