On 12/12/2018 11:59 PM, Marc Lehmann wrote:
> As you say, there are several ways, some where the user can choose to
> make the files accessible and some where she can choose to not make them
> available.

I'm not sure what you mean by this.

> The point is that the user should be in control of whether files are
> accessible to other users or not.

They are; if you don't want files to be accessible to someone then set
up the permissions so they don't have access and/or don't give them
access to mount the volume and/or run programs like gparted as root.

> gparted doesn't allow that choice, and what's worse, it's not even obvious
> that it potentially makes files available that normally wouldn't. Resizing a
> filesystem should not expose files to other users that normally wouldn't.

If you can run gparted, then you can mount the filesystem at will.
While it isn't immediately obvious that resizing a btrfs filesystem will
cause it to be mounted temporarily, it isn't getting you any more access
than you already had.  Also your typical desktop environment these days
lets users click on unmounted volumes and they will auto mount them,
which brings us back to setting the permissions correctly inside the volume.

> Your argument could be applied to users homedirectories as well - if
> gparted temporarily did "chmod 777 ~" it wouldn't be a bug according to
> your logic as well.

No, it wouldn't.  Your argument is more like saying my home directory is
777 but I normally don't keep it mounted so nobody can access it, so now
it is a problem that anyone can click on the volume to mount it and then
have full access to my files.  The problem is the permissions, not the
mounting.

> Or maybe I misunderstood you, but it seems you are saying "since the user
> could choose to make files available to other users, it's not a bug that
> gparted silently does it without asking or notifying the user that it would
> do so".

No; I'm saying that if you don't want the files available then set the
permissions correctly, and if you don't want users to be able to mount
the filesystem, then don't let them run gparted or mount filesystems
using other tools.

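The point of the reply above is that access to files on a volume is decided by the permission bits inside it, not by whether the volume happens to be mounted; a temporary mount by gparted, or a click in a desktop file manager, only matters if those bits are already loose. The script below is an added example (not code from the thread or from gparted) that makes that check concrete: it audits a directory tree for entries that "other" users could read or traverse. It assumes POSIX sh and a find(1) that accepts symbolic -perm modes (GNU and BSD both do), and it builds a constructed sample home directory in a temp dir so it runs without touching real data.

```shell
#!/bin/sh
# Added example, not part of the original thread or of gparted.
# Audits a tree for entries whose mode grants "other" read or execute/search,
# i.e. what any user who can mount (or auto-mount) the volume would get.
# Assumptions (mine): POSIX sh; find(1) understands symbolic -perm modes;
# the sample tree below is constructed, standing in for a home directory.

# Print every entry under $1 that other users can read or traverse.
# "-perm -o=r" matches when the other-read bit is set, "-o=x" the
# other-execute (search, for directories) bit.
find_other_readable() {
    dir=$1
    find "$dir" \( -perm -o=r -o -perm -o=x \) -print | sort
}

# Number of such entries (a clean, locked-down tree yields 0).
count_other_readable() {
    find_other_readable "$1" | wc -l | tr -d ' '
}

# Build a constructed sample home with one properly locked-down subtree
# and one world-readable subtree, so the audit has something to report.
make_sample_home() {
    base=$(mktemp -d)          # mktemp -d creates the dir mode 700
    home="$base/alice"
    mkdir -p "$home/private" "$home/public_html"
    echo "secret" > "$home/private/notes.txt"
    echo "hello"  > "$home/public_html/index.html"
    # Locked down: nothing here is visible to other users once mounted.
    chmod 700 "$home" "$home/private"
    chmod 600 "$home/private/notes.txt"
    # Deliberately world-readable, as a forgotten public_html would be.
    chmod 755 "$home/public_html"
    chmod 644 "$home/public_html/index.html"
    printf '%s\n' "$home"
}

# Usage: sh audit_perms.sh [DIR]
# With no DIR the constructed sample is audited; expect the two
# public_html entries to be listed and nothing from private/.
target=${1:-$(make_sample_home)}
find_other_readable "$target"
```

Run it against a real home directory (`sh audit_perms.sh "$HOME"`) to see what a different user would reach after mounting the volume; anything the script lists is exposed by the permission bits themselves, with or without gparted in the picture. Note that it runs as the owner, so it can descend into 700 directories that another user could not; entries it lists below such a directory are reachable only if every parent directory also grants search to others.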