edubuntu-bugs team mailing list archive

Thread
Date

[Bug 885027] Re: SUID Mount Helper has 5 Major Vulnerabilities

To: edubuntu-bugs@xxxxxxxxxxxxxxxxxxx
From: Neo139 <885027@xxxxxxxxxxxxxxxxxx>
Date: Sat, 05 Nov 2011 15:24:38 -0000
Reply-to: Bug 885027 <885027@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

>The mount helper was only used if udisks is not present. calibre still
works out of the box on the vast majority of modern Linux distros.

Please correct me if I'm wrong,
even if you have a modern distro with udisks, if you installed calibre via the official binary install, which is recommended in the website ("Please do not use your distribution provided calibre package, as those are often buggy/outdated. Instead use the Binary install described below. ")  then calibre-mount-helper gets installed automatically even if udisks is present.  Doesn't matter if calibre uses it or not.  Every user that followed that advise is now vulnerable to privilege escalation.

-- 
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to calibre in Ubuntu.
https://bugs.launchpad.net/bugs/885027

Title:
  SUID Mount Helper has 5 Major Vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/calibre/+bug/885027/+subscriptions