@Dan: As I suspected, you're in this not to contribute something to the community, but as a destructive influence. You will not be missed. Try and remember that I am not attempting to fix calibre-mount-helper for some sort of personal gain, but simply to allow people using calibre to have the best possible experience. I readily admit I don't know as much about secure coding as you do, but hey, at least one of us is trying to learn something. Look back at the start of this bug report. Every time I was convinced of the existence of an actual exploit, I have attempted to fix it. Maybe my fixes were naive, but dont forget that it's a lot easier to find holes in something, than to build somethig without holes in the first place.
@Jason: Indeed, I did overlook the second realpath call, now fixed. -- You received this bug notification because you are a member of Edubuntu Bugsquad, which is subscribed to calibre in Ubuntu. https://bugs.launchpad.net/bugs/885027 Title: SUID Mount Helper has 5 Major Vulnerabilities To manage notifications about this bug go to: https://bugs.launchpad.net/calibre/+bug/885027/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~edubuntu-bugs Post to : edubuntu-bugs@lists.launchpad.net Unsubscribe : https://launchpad.net/~edubuntu-bugs More help : https://help.launchpad.net/ListHelp