Bug #7412
Universal USB Installer tries to remove the live-media=removable protection
0%
Description
If Bug #7411 was not mistakenly protecting against this bug, UUI 1.9.5.3 would be replacing live-media=removable with root=LABEL=UUI live-media-path=/live. As a result, live-boot in the initramfs would gladly use a possibly malicious SquashFS found on the internal hard-drive.
Subtasks
History
#1 Updated by intrigeri 2014-06-13 07:07:27
- related to
Bug #7411: Universal USB Installer Tails-specific code has not been updated since we ship a 64-bit kernel added
#2 Updated by intrigeri 2014-06-13 07:30:37
- related to
Bug #7378: Universal USB Installer creates unbootable devices added
#3 Updated by intrigeri 2014-06-13 09:29:06
Meta: that’s not a blocker for 1.1, but I’ve flagged it for this version because even if Bug #7378 and Bug #7411 are fixed in time (unlikely), and if we want to stick with UUI, then this bug will be the next one to tackle.
#4 Updated by intrigeri 2014-06-20 08:23:44
Reported upstream: https://mailman.boum.org/pipermail/tails-dev/2014-June/006158.html
Actually, even if live-media=removable was not removed, root= would override it, and then live-boot would skip the removable checks.
#5 Updated by intrigeri 2014-06-20 08:34:10
- Priority changed from Elevated to Low
- Target version deleted (
Tails_1.1) - Type of work changed from Code to Communicate
Same as Bug #7411: this code isn’t active currently, so it’s not causing actual problems. Downgrading severity accordingly.
#6 Updated by sajolida 2014-06-29 14:22:54
- Category set to Installation
#7 Updated by BitingBird 2014-07-19 22:13:00
- Status changed from Confirmed to Resolved
fixed in 1.9.5.4