It's not possible for os-prober to reliably unmount it's filesystem mounts sadly, so hence the mount namespaces are necessary. Mounting file systems in the global mount namespace can easily make random things try to read them.
But also os-prober should probably use more namespaces. The grub file system drivers have a huge number of security issues and we should run them isolated, they should be using user namespaces, mount namespaces to hide / or have it all readonly, and like empty network namespaces so they can't phone home. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2099811 Title: Os-prober segmentation fault one message for each partition on same PC To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2099811/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
