Because mounts are performed as privileged users (root on Linux and macOS, SYSTEM on Windows), they allow write access to the whole host operating system.
On Linux, this is only partially true: it does not hold if installed via snap.
Proposal to fix issue or enact suggestion
Explain that snap confinement prevents mounts outside of the /home directory (and to hidden files/folders in the /home directory) and possibly, removable media (depending on connected interfaces). Still, clarify that a user A with access to Multipass can still access mounts that a different user B was able to establish to B's home (i.e. outside of user's A home).
Description of documentation issue or suggestion
The documentation page for "mount" says
On Linux, this is only partially true: it does not hold if installed via snap.
Proposal to fix issue or enact suggestion
Explain that snap confinement prevents mounts outside of the
/home
directory (and to hidden files/folders in the/home
directory) and possibly, removable media (depending on connected interfaces). Still, clarify that a user A with access to Multipass can still access mounts that a different user B was able to establish to B's home (i.e. outside of user's A home).Additional context https://snapcraft.io/docs/home-interface https://snapcraft.io/docs/removable-media-interface