MainInclusionReportNtfs-3g

Main Inclusion Report for ntfs-3g

Requirements

  1. Availability: http://archive.ubuntu.com/ubuntu/pool/universe/n/ntfs-3g; available for all supported architectures.

  2. Rationale:

    • ntfs-3g is the current generation of NTFS-handling code, capable of write support which has hitherto been lacking; this has been a problem for migration from Windows in the past. See write-support-for-ntfs, targeted for gutsy in order to support installer-for-windows.

    • Also cf. bug 121143, though that problem could be solved in other ways.

  3. Security:

    • CVE entries: none

    • Secunia history: none

    • Looking through the project's own published release history, I find one item that appears to be a vulnerability:

      • 1.516 (May 16, 2007): fix: Linux security exploit if ntfs-3g was setuid and the FUSE kernel driver wasn't loaded yet during mount
    • ntfs-3g typically runs as root implementing a filesystem via FUSE; in the normal Ubuntu configuration I expect that NTFS filesystems will be automounted read/write by members of the plugdev group. It thus resides on a security boundary, albeit one which tends to be occupied by users with some level of administrative or local access to the system. The binary is setuid root and executable by the fuse group.
    • ntfs-3g does not carry out any network activity.
    • I (ColinWatson) have not carried out any in-depth source code review.

  4. Quality assurance:

    • The package appears to work out of the box without configuration.
    • We think it is appropriate to support just one clear method of mounting NTFS filesystems, and thus we have installed a symlink to ntfs-3g in /sbin/mount.ntfs as well as /sbin/mount.ntfs-3g. ntfs-3g handles the uid=, gid=, and umask= mount options. Like its predecessor, ntfsmount, it does not handle iocharset=, nls=, utf8, uni_xlate=, or posix=. The first three will be handled in most cases by the fact that we have changed /etc/init.d/mountall.sh to source locale configuration, which ntfs-3g will honour. The last two may represent compatibility problems for some users, but I think they should probably just be documented in the release notes.
    • ntfs-3g does not ask any debconf questions.
    • Debian bugs: one remaining at time of writing, http://bugs.debian.org/434128, partially fixed by current fuse in gutsy and the rest fixed by yesterday's new upstream release.

    • Maintenance in Debian is vigorous, packaging new upstream releases in a timely manner.

    • Upstream is frenetic and responds to Debian bug reports; the lead developer has frequently been seen on Ubuntu bug reports in the past as well.

    • Upstream does not appear to have a proper bug tracker, but invites people to use a forum or a mailing list for problems.

    • I made a pass over the Ubuntu bug reports on ntfs-3g. The only interesting one I found was ntfs treated by default as POSIX, which appears to be a difference of opinion between upstream and a user which I am not qualified to judge. It seems to me that it poses no difficulty for read support and only poses a difficulty for write support if the user creates strange file names; my feeling is that we ought to be able to address this with a mention in the release notes.

  5. Standards compliance:

    • The package appears to comply with Debian policy and the FHS. Note that (as an Ubuntu change) it installs into /bin and /sbin rather than /usr in order to be usable for early mounts of filesystems.
    • ntfs-3g uses debhelper and dpatch, although it does not actually apply any patches at present.
  6. Dependencies:

    • ntfs-3g's main non-trivial dependency is FUSE (fuse-utils et al). Along with all its other dependencies, that is in main.
  7. Background information:

    • This is a partial successor to linux-ntfs (ntfsprogs, ntfsmount). See the upstream web site for detailed history.

Reviewers

ColinWatson (author of report) MartinPitt: approved

MainInclusionReportNtfs-3g (last edited 2008-08-06 16:15:35 by localhost)