I keep trying to leave this bug report but I keep getting dragged in. It's worse than Twitter.

"As I suspected, you're in this not to contribute something to the community, but as a destructive influence. You will not be missed."

You seriously think I came to this thread to start a fight with you? What about the several *hundred* other security bugs I've fixed in open source software on my own free time?

"Every time I was convinced of the existence of an actual exploit, I have attempted to fix it."

Except for the part where I posted a working exploit and you completely ignored me.

"Maybe my fixes were naive, but don't forget that it's a lot easier to find holes in something, than to build something without holes in the first place."

I disagree, I think it's more like "it's easier to do something properly from the beginning than to patch a broken implementation one exploit at a time."

Your code is still broken; you can mount a legitimate block device on top of another directory in /dev by exploiting the mountpoint race that still exists, and then use that now-writable directory in /dev to mount an arbitrary filesystem on top of wherever.

I suggest you accept Jason's patch and stop trying to fix this code.

--
https://bugs.launchpad.net/bugs/885027

Title: SUID Mount Helper has 5 Major Vulnerabilities