Re: [Tails-dev] MFSA 2015-78 (aka. CVE-2015-4495) vs. Tails

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] MFSA 2015-78 (aka. CVE-2015-4495) vs. Tails
Jacob Appelbaum wrote (07 Aug 2015 10:37:25 GMT) :
> I've heard that the exploit in the wild doesn't work against esr31 - I
> haven't heard that it isn't impacted at all.


Mozilla folks have explicitly written on their "enterprise" list that
FF31 is not affected.

> ( I think the apparmor profile may contain some of the worst aspects
> but only until an attacker figures out how to make a hard link.


May you please elaborate on the hardlink aspect? It rings a bell, but
I don't remember the specifics.

Cheers,
--
intrigeri