It doesn’t, but it does look at what the file is (using lstat). Linux says it’s allowed, but FUSE rejects.
After digging through code again, I found that I started down the same tracing path two years ago:
Ignored folders are not really ignored
There are lots of checks on the path before it’s allowed in. Include/exclude is done after lstat check.
Let me do a check based on my old work, and you can try the same thing for Yandex FUSE mount.
# id
uid=0(root) gid=0(root) groups=0(root)
# ls -ln /run/user/1000
ls: cannot access '/run/user/1000/doc': Permission denied
ls: cannot access '/run/user/1000/gvfs': Permission denied
total 0
srw-rw-rw- 1 1000 1000 0 Jun 19 15:45 bus
drwx------ 3 1000 1000 60 Jun 19 15:45 dbus-1
drwx------ 2 1000 1000 60 Sep 7 19:57 dconf
d????????? ? ? ? ? ? doc
drwx------ 2 1000 1000 140 Jun 19 15:45 gnupg
d????????? ? ? ? ? ? gvfs
drwx------ 2 1000 1000 100 Jun 19 15:45 keyring
drwx------ 2 1000 1000 80 Jun 19 15:45 pulse
drwxr-xr-x 2 1000 1000 80 Jun 19 15:45 systemd
# stat /run/user/1000
File: /run/user/1000
Size: 240 Blocks: 0 IO Block: 4096 directory
Device: 33h/51d Inode: 2 Links: 10
Access: (0700/drwx------) Uid: ( 1000/ ted) Gid: ( 1000/ ted)
Access: 2022-09-08 20:51:00.604002609 -0400
Modify: 2022-07-05 19:48:20.505349706 -0400
Change: 2022-07-05 19:48:20.505349706 -0400
Birth: -
# stat /run/user/1000/gvfs
stat: cannot stat '/run/user/1000/gvfs': Permission denied
#
So that’s the explanation, and I’m glad you found an insecure workaround (too bad about allow-root).