Comment 2 for bug 885027
Revision history for this message
| Kovid Goyal (kovid) wrote Re: calibre bug 885027 | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
I dont see how 1-3 are security vulnerabilities. 4 is a vulnerability only if
mount itself is vulnerable to command line injection. 5 is indeed a
vulnerability, but is neccesitated by the non uniformity of linux filesystems
(mount, eject can be located anywhere). 5 can be mitigated by first checking
for mount and eject in "standard" locations and only then trying all of PATH,
changes for that will be in the next release.