MobileRead Forums - View Single Post

JoeD · 11-04-2011, 10:39 AM

It may be a local only exploit, but you do need to consider that any user level remote exploit could then piggy back on this to gain full root access. Granted there's likely numerous local level exploits in other apps and it was the remote user level bug that was the really major one.

However, one poster in that bug thread did hit an important issue, calibre or the website should warn users that installing the mount helper will allow any local user to gain root access to the machine. Since as everyone else points out here, for most users they won't care about that, so long as it's local and not remote, but at least those who do care are now informed and can remedy things on their own.

11-04-2011, 10:39 AM	#16
JoeD Guru Posts: 895 Karma: 4383958 Join Date: Nov 2007 Device: na	It may be a local only exploit, but you do need to consider that any user level remote exploit could then piggy back on this to gain full root access. Granted there's likely numerous local level exploits in other apps and it was the remote user level bug that was the really major one. However, one poster in that bug thread did hit an important issue, calibre or the website should warn users that installing the mount helper will allow any local user to gain root access to the machine. Since as everyone else points out here, for most users they won't care about that, so long as it's local and not remote, but at least those who do care are now informed and can remedy things on their own.