edubuntu-bugs team mailing list archive

Thread
Date

[Bug 885027] Re: SUID Mount Helper has 5 Major Vulnerabilities

To: edubuntu-bugs@xxxxxxxxxxxxxxxxxxx
From: "Jason A. Donenfeld" <885027@xxxxxxxxxxxxxxxxxx>
Date: Fri, 04 Nov 2011 19:51:36 -0000
Reply-to: Bug 885027 <885027@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

My final word is that you should give up trying to reinvent the wheel,
and use a method supplied by the distro for mounting disks. It's not
worth my time to play whack-a-mole here. As Dan said, "Usually I get
paid good money to own software this hard, and I don't think you're
worth making an exception." Indeed.

The solution is easy and obvious, but it involves backing away from
stubbornness and accepting that the distro-supplied tools handle
mounting inline with distro policy, and it isn't your place to reinvent
things. Take a look at Gentoo Mike's post from a while back -- it's dead
on. Besides, you haven't even begun to address issues #1-#3.

I believe this discussion is over. Goodbye Kovid. I wish you well with
Calibre and that you can restore the security confidence of your users.

-- 
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to calibre in Ubuntu.
https://bugs.launchpad.net/bugs/885027

Title:
  SUID Mount Helper has 5 Major Vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/calibre/+bug/885027/+subscriptions