edubuntu-bugs team mailing list archive

Thread
Date

[Bug 885027] Re: calibre bug 885027

To: edubuntu-bugs@xxxxxxxxxxxxxxxxxxx
From: Kovid Goyal <885027@xxxxxxxxxxxxxxxxxx>
Date: Thu, 03 Nov 2011 15:15:13 -0000
Reply-to: Bug 885027 <885027@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

@Rosenberg: Yes, I have. And you were warned, this is the last response you
will get from me.

@Mike: Many distros replace calibre-mount-helper with something suitable for
the particular distros' disk handling strategy, and I encourage you to do the
same in Gentoo if you dont already do it (incidentaly I'm a Gento user). You
can actually do something as simple as replacing it with a bash script that
always returns an error code and does nothing else. Add udisks as a calibre
dependency and calibre will automatically use udisks via DBUS when available. This
will, of course, break for those users for whom udisks doesn't work for
whatever reason. Whether that is a large fraction of Gentoo users or not, only you
can judge. This discussion really applies only to the calibre binary download,
which does no dependency resolution and is intended to *work out of the box*
on a huge variety of linux systems. Unfortunately, linux has historically had
no universal way to handle removable disks without root access, neccessitating
the use of a suid executable.

-- 
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to calibre in Ubuntu.
https://bugs.launchpad.net/bugs/885027

Title:
  SUID Mount Helper has 5 Major Vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/calibre/+bug/885027/+subscriptions