Package: os-prober
Version: 1.81
Severity: normal

Dear Maintainer,

During execution of os-prober, other processes on the system can see the
temporary mounts to /var/lib/os-prober/mount even though os-prober runs
in a separate mount namespace.

In order to run os-prober in a more isolated mode, we introduced the
newns.c source file a while ago. We build it to a binary and ship it in
os-prober and os-prober-udeb.

The original idea was to run os-prober in a private mount namespace.
Sadly, calling the unshare(CLONE_NEWNS) system call is only enough to
create a new mount namespace. But it is not enough to make the new
namespace private.

While we can patch newns.c to make the new mount namespace private,
relying on unshare(1) from util-linux (which is an essential package)
seems like a more viable option.

I will open a PR with a potential fix.


See also:

-- System Information:
Debian Release: bookworm/sid
  APT prefers lunar
  APT policy: (500, 'lunar')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-16-generic (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages os-prober depends on:
ii  grub-common  2.06-2ubuntu16
ii  libc6        2.37-0ubuntu2
ii  mount        2.38.1-4ubuntu1

os-prober recommends no packages.

os-prober suggests no packages.

-- no debconf information

Reply via email to