edubuntu-bugs team mailing list archive
-
edubuntu-bugs team
-
Mailing list archive
-
Message #02841
[Bug 885027] Re: SUID Mount Helper has 5 Major Vulnerabilities
>The mount helper was only used if udisks is not present. calibre still
works out of the box on the vast majority of modern Linux distros.
Please correct me if I'm wrong,
even if you have a modern distro with udisks, if you installed calibre via the official binary install, which is recommended in the website ("Please do not use your distribution provided calibre package, as those are often buggy/outdated. Instead use the Binary install described below. ") then calibre-mount-helper gets installed automatically even if udisks is present. Doesn't matter if calibre uses it or not. Every user that followed that advise is now vulnerable to privilege escalation.
--
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to calibre in Ubuntu.
https://bugs.launchpad.net/bugs/885027
Title:
SUID Mount Helper has 5 Major Vulnerabilities
To manage notifications about this bug go to:
https://bugs.launchpad.net/calibre/+bug/885027/+subscriptions