Quote:
Originally Posted by clarknova
Is there anything in the 3.x otaup script that would explain why they moved the remount before the initial unpack again? Or are the guys at lab126 just being nice?
Actually, believe it or not, I tried the exact same jailbreak on 3.0.0 about a month ago, and it didn't work. Well, the subsequent test updates bitched about file signatures being wrong, so I assumed it didn't work. I fixed the updater to calculate the checksum of the dat file, so I was pretty sure that the reason updates didn't work was that the key had not gotten installed. My understanding was that in 3.0.0 they used busybox with the fixed tar (the one that doesn't actually follow symlinks). Unless I am mistaken, for the 3.0.1 update Amazon replaced this 3.0.0 busybox with the "broken" (or older version) busybox, which works like the one in 2.5 and earlier versions. Why they did it, I cannot understand.
However, they may have moved "mntroot rw" to the beginning of the install loop for the very reason that there was no longer any danger from tar bombs. When they rolled busybox back they should have moved the mntroot rw back to where it had been in 2.5, but they did not.
The other possibility is that my testing was wrong, and the jailbreak actually did work on 3.0.0. But that would mean that 3.0 was not based on 2.5, and not even on 2.3, but on an even earlier version of FW. At least the parts of it that handle the update (otaup).