On 12/12/2018 11:59 PM, Marc Lehmann wrote:
> As you say, there are several ways, some where the user can choose to
> make the files accessible and some where she can choose to not make them
> available.

I'm not sure what you mean by this.

> The point is that the user should be in control of whether files are
> accessible to other users or not.

They are; if you don't want files to be accessible to someone, then set up the permissions so they don't have access and/or don't give them access to mount the volume and/or run programs like gparted as root.

> gparted doesn't allow that choice, and what's worse, it's not even obvious
> that it potentially makes files available that normally wouldn't. Resizing a
> filesystem should not expose files to other users that normally wouldn't.

If you can run gparted, then you can mount the filesystem at will. While it isn't immediately obvious that resizing a btrfs filesystem will cause it to be mounted temporarily, it isn't getting you any more access than you already had. Also, your typical desktop environment these days lets users click on unmounted volumes and they will auto-mount them, which brings us back to setting the permissions correctly inside the volume.

> Your argument could be applied to users' home directories as well - if
> gparted temporarily did "chmod 777 ~" it wouldn't be a bug according to
> your logic as well.

No, it wouldn't. Your argument is more like saying my home directory is 777 but I normally don't keep it mounted so nobody can access it, so now it is a problem that anyone can click on the volume to mount it and then have full access to my files. The problem is the permissions, not the mounting.

> Or maybe I misunderstood you, but it seems you are saying "since the user
> could choose to make files available to other users, it's not a bug that
> gparted silently does it without asking or notifying the user that it would
> do so".

No; I'm saying that if you don't want the files available, then set the permissions correctly, and if you don't want users to be able to mount the filesystem, then don't let them run gparted or mount filesystems using other tools.
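The reply's position is that the exposure comes from the permission bits inside the volume, not from the temporary mount. An added example (not code from either participant or from gparted) of how an administrator would audit a mounted volume for that: it builds a constructed sample tree under a temporary directory, lists every entry whose mode grants read, write or execute to "other", and strips those bits. The tree, the file names and the function names are hypothetical; on a real system `$1` would be the volume's mount point.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread or from gparted.
# Audits a directory tree (e.g. a volume's mount point) for entries that
# grant any permission to "other" users, which is what would become reachable
# to other local users once the volume is mounted, by gparted or otherwise.

# List every entry under $1 that has at least one "other" bit set.
# Octal -perm tests are used so this runs on GNU, BSD and busybox find.
world_accessible() {
    find "$1" \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Count the entries world_accessible would report under $1.
count_world_accessible() {
    world_accessible "$1" | wc -l | tr -d ' '
}

# Remediation: clear all "other" bits under $1; owner and group bits are kept.
restrict_others() {
    find "$1" -exec chmod o-rwx {} +
}

# Constructed sample data (hypothetical home directory on the volume):
# one file that is already private and one that is world-readable.
make_demo_tree() {
    d=$(mktemp -d)
    mkdir "$d/home" && chmod 755 "$d/home"            # directory itself is o+rx
    printf 'secret\n' > "$d/home/private.txt" && chmod 600 "$d/home/private.txt"
    printf 'notes\n'  > "$d/home/shared.txt"  && chmod 644 "$d/home/shared.txt"
    printf '%s\n' "$d/home"
}

# Stand-alone run: audit, remediate, audit again.
if [ "${0##*/}" != "sh" ] && [ -z "${NO_DEMO:-}" ]; then
    TREE=$(make_demo_tree)
    echo "world-accessible before (expect the directory and shared.txt):"
    world_accessible "$TREE"
    restrict_others "$TREE"
    echo "world-accessible after: $(count_world_accessible "$TREE")"
    rm -rf "$(dirname "$TREE")"
fi
```

The audit only reports what the mode bits say; it does not change anything until `restrict_others` is run, and that function leaves owner and group permissions untouched, so shared group workflows inside the volume keep working.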