← Back to team overview

edubuntu-bugs team mailing list archive

[Bug 885027] Re: calibre bug 885027

 

@preston:

Well, let me say that if I was the one that first showed attitude, I
apologize. But you have to remember that I do *all* calibre bug triage (besides
doing a large part of the developement). I get to deal with lots of bug
reports from people, the vast majority of which are dubious at best. In
Jason's original post, only one of his five flaws seemed serious to me (the one
he attached an exploit for), so that is the one I fixed. It turned out I was
wrong about the mount exploit, but, from my perspective, I don't know Jason
from Adam, and he has to convince me of the seriousness of his claims, merely
saying they are serious is something I will ignore, from long and exhausting
experience. When he did prove its seriousness to me, I tried to fix it, as
best I could. 

You may well ask why I didn't just take his advice and abandon the mount
helper. For me to do something that drastic, I must be convinced it is indeed
the best course possible. That may make me stubborn at times, but it is also
the attitude that ensures calibre remains as stable as possible.

-- 
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to calibre in Ubuntu.
https://bugs.launchpad.net/bugs/885027

Title:
  SUID Mount Helper has 5 Major Vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/calibre/+bug/885027/+subscriptions