Bug #7412

Universal USB Installer tries to remove the live-media=removable protection

Added by intrigeri 2014-06-13 07:07:14 . Updated 2014-07-19 22:13:00 .

Status:
Resolved
Priority:
Low
Assignee:
intrigeri
Category:
Installation
Target version:
Start date:
2014-06-13
Due date:
% Done:

0%

Feature Branch:
Type of work:
Communicate
Blueprint:

Starter:
0
Affected tool:
Deliverable for:

Description

If Bug #7411 was not mistakenly protecting against this bug, UUI 1.9.5.3 would be replacing live-media=removable with root=LABEL=UUI live-media-path=/live. As a result, live-boot in the initramfs would gladly use a possibly malicious SquashFS found on the internal hard-drive.


Subtasks


Related issues

Related to Tails - Bug #7411: Universal USB Installer Tails-specific code has not been updated since we ship a 64-bit kernel Resolved
Related to Tails - Bug #7378: Universal USB Installer creates unbootable devices Resolved 2014-06-21

History

#1 Updated by intrigeri 2014-06-13 07:07:27

  • related to Bug #7411: Universal USB Installer Tails-specific code has not been updated since we ship a 64-bit kernel added

#2 Updated by intrigeri 2014-06-13 07:30:37

  • related to Bug #7378: Universal USB Installer creates unbootable devices added

#3 Updated by intrigeri 2014-06-13 09:29:06

Meta: that’s not a blocker for 1.1, but I’ve flagged it for this version because even if Bug #7378 and Bug #7411 are fixed in time (unlikely), and if we want to stick with UUI, then this bug will be the next one to tackle.

#4 Updated by intrigeri 2014-06-20 08:23:44

Reported upstream: https://mailman.boum.org/pipermail/tails-dev/2014-June/006158.html

Actually, even if live-media=removable was not removed, root= would override it, and then live-boot would skip the removable checks.

#5 Updated by intrigeri 2014-06-20 08:34:10

  • Priority changed from Elevated to Low
  • Target version deleted (Tails_1.1)
  • Type of work changed from Code to Communicate

Same as Bug #7411: this code isn’t active currently, so it’s not causing actual problems. Downgrading severity accordingly.

#6 Updated by sajolida 2014-06-29 14:22:54

  • Category set to Installation

#7 Updated by BitingBird 2014-07-19 22:13:00

  • Status changed from Confirmed to Resolved

fixed in 1.9.5.4