Quote:
Originally Posted by frostschutz
You imply physical access and local problem, but all it takes for an attacker is to offer a Calibre plugin for download really. If Calibre provides both the local root exploit and the trust needed to get users to execute their code, that's a very serious issue.
Security is one of the reasons why people choose Linux. However it's only secure as long as every security issue, no matter how small, is taken very seriously and fixed soonest possible.
You can't talk an issue like this away - you can only fix it.
|
A hypothetical but valid scenario. One could work around that by restricting device Interface drivers from user installable plugins - that way any code with the ability to call the mount function always needs to be vetted through the main release process. Anyway Calibre already warns users that plugins represent real security vulnerabilities, as they can bundle arbitrary executable code and launch it - I don't think a hacker looking to deliver a Trojan via a Calibre plugin needs to use an approach this obscure. As Kovid and the others have already said - the hacker needs to gain access to something else in order for the exploit to be useful, in this example it's the user's trust, which is true of any Trojan.