On Tue, 9 Apr 2024 14:34:36 +0300 Antti-Pekka Känsälä wrote:
> > I am worried Gmail in a Firefox tab is able to break out of Firefox
> > somehow, gaining unauthorized access to 128 files on a mounted USB
stick.
For my initial bug report, I just quickly did a "wc -l" on a long initial
printout, so I was mistaken to claim those were distinct files, I don't
know if they were. But now I think it is strange that the same file should
be open so many times, it is wasteful at least and could lead to a cause
for the clinging.
The file is opened once accordingly to the output you posted. It is how
lsof reports usage in the case of multithread applications. Perhaps
other ways to deal with files exist, but I am in doubts concerning real
benefits for multithread applications related to privacy.
As to access to other files, you may try to figure out if Firefox uses
file picker provided by desktop-portal. Behavior may be different for
flatpak/snap and deb packages. I am unsure if XFCE uses some
desktop-portal implementation. This feature is intended to control what
files an application may access, however in the case of deb package
there is no barriers.
Maybe it has to do with semi-legitimate virus scanning,
You should know better if you have virus scanning software installed.
From my point of view, some file indexer should be more probable
variant (however it should ignore removable devices at least by default).
I continue to worry about my USB stick security.
You may find processes accessing specific files using autitd.
What actions do you expect from Debian maintainers? (I am not a maintainer.)