On 12/12/2018 3:50 AM, Marc Lehmann wrote:
> Package: gparted
> Version: 0.25.0-1+b1
> Severity: normal
> 
> Dear Maintainer,
> 
> for some operations, gparted mounts partitions under /tmp/gparted-XXXXXX 
> without any protection
> against access. This makes these partitions potentially accessible to other 
> users on the system while
> the operation runs.
> 
>    * What led up to the situation?
> 
> Resizing a btrfs partition.
> 
>    * What was the outcome of this action?
> 
> While resizing, the partion was mounted under /tmp/gparted-BSeLY6,
> accessible to all users, potentially allowing other users to read or write
> the data:

I'm not sure this can be considered a bug.  There are several ways the
user could have the filesystem mounted in a non temporary manner and if
the permissions of the filesystem allow them access, then they can
access it.



Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to