| Package: chromium
Version: 138.0.7204.49-1~deb12u1 I am experiencing very weird and suspicious issue on debian 12. For context, I am using grsecurity + RBAC, which gives me the
possibility to see what files each program wants to access. My issue is
not caused by RBAC. but RBAC brought my attention to this issue. SO, I have upgraded chromium browser to: 138.0.7204.49 and suddenly when chromium starts, in addition to trying to access the
usual files in my home, such as ~/.config/chromium or ~/.cache , it now
tries to access sensitive folders on my system: ~/.ssh/
~/.gnupg/
~/.dbus/
/boot/ (while ~/.dbus is not as immediately alarming as the others, Chromium
accessing this when it didn't before is still a change in behavior that
deserves scrutiny) this never happened before. I am sure, because the RBAC rules that I am
using would have alerted me. this is highly suspicious and potentially a serious security issue ! this issue was originally reported on chromium 138, fixed in next version, and now it's back in version 140.0.7339.80 |