edubuntu-bugs team mailing list archive
Message #02811
[Bug 885027] Re: SUID Mount Helper has 5 Major Vulnerabilities
I keep trying to leave this bug report but I keep getting dragged in.
It's worse than Twitter.
"As I suspected, you're in this not to contribute something to the
community, but as a destructive influence. You will not be missed."
You seriously think I came to this thread to start a fight with you?
What about the several *hundred* other security bugs I've fixed in open
source software on my own free time?
"Every time I was convinced of the existence of an actual exploit, I
have attempted to fix it."
Except for the part where I posted a working exploit and you completely
ignored me.
"Maybe my fixes were naive, but don't forget that it's a lot easier to
find holes in something, than to build something without holes in the
first place."
I disagree, I think it's more like "it's easier to do something properly
from the beginning than to patch a broken implementation one exploit at
a time."
Your code is still broken: you can mount a legitimate block device on
top of another directory in /dev by exploiting the mountpoint race that
still exists, and then use that now-writable directory in /dev to mount
an arbitrary filesystem on top of wherever. I suggest you accept
Jason's patch and stop trying to fix this code.
--
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to calibre in Ubuntu.
https://bugs.launchpad.net/bugs/885027
Title:
SUID Mount Helper has 5 Major Vulnerabilities
To manage notifications about this bug go to:
https://bugs.launchpad.net/calibre/+bug/885027/+subscriptions