Package: gparted Version: 0.25.0-1+b1 Severity: normal Dear Maintainer,
for some operations, gparted mounts partitions under /tmp/gparted-XXXXXX without any protection against access. This makes these partitions potentially accessible to other users on the system while the operation runs. * What led up to the situation? Resizing a btrfs partition. * What was the outcome of this action? While resizing, the partion was mounted under /tmp/gparted-BSeLY6, accessible to all users, potentially allowing other users to read or write the data: drwxr-xr-x 1 root root 44 Dec 6 08:20 /tmp/gparted-BSeLY6 * What outcome did you expect instead? The partition data would not be accessible to other users. A somewhat simple fix would be to create a directory only accessible for the current user with a moiuntpoint inside, e.g,. something like: drwxr----- 1 root root 44 Dec 6 08:20 /tmp/gparted-BSeLY6 drwxr-xr-x 1 root root 44 Dec 6 08:20 /tmp/gparted-BSeLY6/realmountpoint -- System Information: Debian Release: 9.6 APT prefers stable APT policy: (990, 'stable'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-updates'), (500, 'stable-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, x32 Kernel: Linux 4.18.20-041820-generic (SMP w/8 CPU cores) Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/bash Init: systemd (via /run/systemd/system) Versions of packages gparted depends on: ii libatkmm-1.6-1v5 2.24.2-2 ii libc6 2.27-8 ii libgcc1 1:8.2.0-10 ii libglib2.0-0 2.58.1-2 ii libglibmm-2.4-1v5 2.50.0-1 ii libgtk2.0-0 2.24.31-2 ii libgtkmm-2.4-1v5 1:2.24.5-1 ii libpangomm-1.4-1v5 2.40.1-3 ii libparted-fs-resize0 3.2-17 ii libparted2 3.2-17 ii libsigc++-2.0-0v5 2.10.0-1 ii libstdc++6 8.2.0-10 ii libuuid1 2.29.2-1+deb9u1 gparted recommends no packages. Versions of packages gparted suggests: pn dmraid <none> ii dmsetup 2:1.02.137-2 ii dosfstools 4.1-1 ii gpart 1:0.3-3 pn jfsutils <none> ii kpartx 0.6.4-5+deb9u1 ii mtools 4.0.18-2+b1 ii ntfs-3g 1:2016.2.22AR.1+dfsg-1 ii reiser4progs 1.1.0-3 ii reiserfsprogs 1:3.6.25-4+b1 ii xfsprogs 4.9.0+nmu1 ii yelp 3.22.0-1 -- no debconf information

