Comment 24 for bug 885027

Kovid Goyal (kovid) wrote : Re: calibre bug 885027

I've already committed a fix for symlinks in /dev, maybe you missed my last
comment.

pmount will not work; I have told you why it will not work. I am not going to
repeat myself.

Let's recap:

First note that unprivileged users cannot create symlinks in /dev
on any well-designed system. So symlink attacks are not actually
possible; nonetheless, I have already removed the possibility of using
symlinks under /dev.

calibre-mount-helper currently allows an unprivileged user to:

1) Delete empty directories only under /media. I see absolutely nothing wrong with
that.

2) Mount anything under /dev to anything under /media. Again, I see nothing
wrong with that, outside of highly system-specific scenarios. Feel free to
post a general-purpose exploit; if you can come up with one, I can always fix
it.

3) Unmount anything under /media

4) Create empty directories anywhere on the system.
This can be fixed, with some effort, but I am not yet convinced
it is an actual vulnerability.

*) Something else courtesy of a bug. If such a thing exists, point it out and
I will fix it.

Just a note about all the histrionics around "critical" security
exploits. calibre is designed to run mainly on end-user computers (single
user, typically a desktop or a laptop). On such a machine, if a malicious program
can run with user privileges it already has access to everything that actually
matters on the system, namely the user's data. Privilege escalation would be
useful only in trying to hide the traces of the intrusion. The damage is
already done. Undoubtedly there are plenty of scenarios where that is not
true, but the fact remains that for the vast majority of calibre users, this
is a non-issue. So kindly tone down the hyperbole, and restrict your posts to
discussion of calibre-mount-helper, otherwise you will be ignored.
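The policy the numbered list above describes (device must lie under /dev and must not be a symlink, mount point must lie under /media, directory creation should stay inside /media) is the kind of check a setuid mount helper has to get right. The following is an added example of one way to write that check; it is not calibre-mount-helper's own code and makes no claim about how that helper is implemented. The two roots are parameters so the checks can be run against a scratch tree, and every path, file name and symlink in the fixture is constructed for the demonstration. The point it shows is that a plain string-prefix test on the raw argument is not the same as a containment test on the canonical path: `..` components and symlinked parents both move a path out from under its root, and only `realpath()` sees where it really leads.

```python
"""Path-policy checks of the kind a setuid mount helper needs.

Added example; not calibre-mount-helper's own code. Both roots are
parameters (defaults /dev and /media) so the checks can be exercised
against a throwaway directory tree.
"""
import os
import tempfile


class PolicyError(Exception):
    """A request that the path policy refuses."""


def _canonical_under(path, root):
    """Return the canonical form of `path` if it lies strictly inside `root`.

    Raises PolicyError for relative paths, for a symlink as the final
    component, and for anything whose resolved location is `root` itself
    or outside it.
    """
    # Only absolute paths: a relative one would be resolved against the
    # helper's cwd, which the caller controls.
    if not os.path.isabs(path):
        raise PolicyError("not absolute: %r" % path)
    # Refuse a symlink as the final component even if it points back under
    # root; the helper should only act on real entries.
    if os.path.islink(path):
        raise PolicyError("symlink refused: %r" % path)
    # realpath() resolves ".." and any symlinked intermediate directory, so
    # the containment test below sees where the path really leads.
    resolved = os.path.realpath(path)
    root = os.path.realpath(root)
    if resolved == root or os.path.commonpath([resolved, root]) != root:
        raise PolicyError("%r resolves outside %r" % (path, root))
    return resolved


def validate_mount_request(device, mount_point, dev_root="/dev", media_root="/media"):
    """Return (canonical device, canonical mount point) or raise PolicyError."""
    return _canonical_under(device, dev_root), _canonical_under(mount_point, media_root)


def mount_request_allowed(device, mount_point, dev_root="/dev", media_root="/media"):
    """Boolean form of validate_mount_request for callers that want yes/no."""
    try:
        validate_mount_request(device, mount_point, dev_root, media_root)
        return True
    except PolicyError:
        return False


def prepare_mount_point(mount_point, media_root="/media"):
    """Create the mount point only after it has passed the containment check.

    os.mkdir (not makedirs) is used deliberately: the parent must already
    exist, so the helper never creates a chain of directories anywhere else.
    """
    mp = _canonical_under(mount_point, media_root)
    if not os.path.isdir(mp):
        os.mkdir(mp)
    return mp


def build_scratch_tree():
    """Constructed fixture: a throwaway 'dev' and 'media' to run the checks on."""
    base = tempfile.mkdtemp(prefix="mount-helper-demo-")
    dev_root = os.path.join(base, "dev")
    media_root = os.path.join(base, "media")
    os.mkdir(dev_root)
    os.mkdir(media_root)
    open(os.path.join(dev_root, "sdb1"), "w").close()    # stands in for a device node
    os.symlink("sdb1", os.path.join(dev_root, "reader"))  # symlink under the dev root
    os.symlink(base, os.path.join(media_root, "escape"))  # symlink leading out of media
    return base, dev_root, media_root


def run_demo():
    """Exercise the policy against the scratch tree; returns {case: allowed}."""
    base, dev_root, media_root = build_scratch_tree()
    j = os.path.join
    ok_mp = j(media_root, "book")
    cases = {
        "plain device node": (j(dev_root, "sdb1"), ok_mp),
        "symlink under dev": (j(dev_root, "reader"), ok_mp),
        "dot-dot out of dev": (j(dev_root, "..", "etc", "passwd"), ok_mp),
        "relative device path": ("sdb1", ok_mp),
        "mount point via symlink out of media": (j(dev_root, "sdb1"), j(media_root, "escape", "book")),
        "mount point dot-dot out of media": (j(dev_root, "sdb1"), j(media_root, "..", "book")),
        "mount point is media root itself": (j(dev_root, "sdb1"), media_root),
    }
    results = {name: mount_request_allowed(d, m, dev_root, media_root)
               for name, (d, m) in cases.items()}
    created = prepare_mount_point(ok_mp, media_root)
    results["mount point created inside media"] = (
        os.path.isdir(created) and os.path.dirname(created) == os.path.realpath(media_root))
    return results


if __name__ == "__main__":
    for name, allowed in run_demo().items():
        print("%-40s %s" % (name, "allowed" if allowed else "refused"))
```

Only the plain device node with a mount point directly inside the media root is accepted; the symlinked device, both `..` escapes, the symlinked parent under the media root, the relative path, and the media root itself are all refused, and the directory is created only after its canonical path has passed the same check.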