Guest account can read/write in /media/
Bug #882862 reported by
Fred
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lightdm (Ubuntu) |
Fix Released
|
Medium
|
Martin Pitt |
Bug Description
The guest account can everything under /media/.
Is the guest account really supposed to be able to access and read all the files on the host computer?
If yes, then is the guest account really really supposed to be able to write to /media/ ?
Shouldn't the guest be limited to his temporary home in /tmp/ ?
Related branches
security vulnerability: | no → yes |
To post a comment you must log in.
Hi Fred - Thanks for taking the time to file this bug report.
If your concern is only about the /media directory, the guest user should be able to read and search that directory. The guest account should not be able to write to that directory. I've verified that to be the case on several freshly installed Oneiric systems.
However, I suspect your concern is about the guest account being able to read and write to USB storage devices that are mounted inside the /media directory (/media/2DC0-D277/, for example). Is this correct?