gvfs/README.SUSE

Security of gvfs
================

gvfs allows to operate on files with root privileges from within
unprivileged graphical applications. This is for example used in the Nautilus
file manager via the `admin://` protocol.

There exist some inherent dangers to the design of gvfs that can weaken
your system's security. Please refer to this blog post [1] from the SUSE
security team for technical details. The post also contains recommendations
for users of gvfs [2].

[1]: https://security.opensuse.org/2025/02/21/kio-admin-admittance.html
[2]: https://security.opensuse.org/2025/02/21/kio-admin-admittance.html#7-recommendations-for-users-of-kio-admin-or-gvfs
- add README.SUSE about security concerns in gvfs (bsc#1205607) OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/gvfs?expand=0&rev=410 2025-02-25 10:56:53 +00:00			`Security of gvfs`
			`================`

			`gvfs allows to operate on files with root privileges from within`
			`unprivileged graphical applications. This is for example used in the Nautilus`
			file manager via the `admin://` protocol.

			`There exist some inherent dangers to the design of gvfs that can weaken`
			`your system's security. Please refer to this blog post [1] from the SUSE`
			`security team for technical details. The post also contains recommendations`
			`for users of gvfs [2].`

			`[1]: https://security.opensuse.org/2025/02/21/kio-admin-admittance.html`
			`[2]: https://security.opensuse.org/2025/02/21/kio-admin-admittance.html#7-recommendations-for-users-of-kio-admin-or-gvfs`