edubuntu-bugs team mailing list archive

Thread
Date

[Bug 885027] Re: SUID Mount Helper has 5 Major Vulnerabilities

To: edubuntu-bugs@xxxxxxxxxxxxxxxxxxx
From: Kovid Goyal <885027@xxxxxxxxxxxxxxxxxx>
Date: Fri, 04 Nov 2011 12:02:36 -0000
Reply-to: Bug 885027 <885027@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

@halfdog: Indeed, a standalone, zero config library that allows
unprivileged programs to securely mount and eject USB drives would be a
blessing for several programs, not just calibre. I have learned a great
deal in the process of fixing the issues brought up in this bug report
and if it turns out that the mount helper can be made secure enough,
then it is a good candidate for the role.  It is a simple 300 lines of
easily compiled C code that works on FreeBSD, NetBSD and all linux
flavors. I would hate to have to abandon all the calibre users on older
distributions and BSDs for the absence of such a library.

@Jason: Any news on your attempt at a new exploit?

-- 
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to calibre in Ubuntu.
https://bugs.launchpad.net/bugs/885027

Title:
  SUID Mount Helper has 5 Major Vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/calibre/+bug/885027/+subscriptions