Re: [Tails-dev] MFSA 2015-78 (aka. CVE-2015-4495) vs. Tails

This message is part of the following thread:
Mthe complete thread tree sorted by date
MMJacob Appelbaum at <-
MMGeorg Koppen at ->
Delete this message

Reply to this message
Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] MFSA 2015-78 (aka. CVE-2015-4495) vs. Tails
Jacob Appelbaum wrote (07 Aug 2015 10:37:25 GMT) :
> I've heard that the exploit in the wild doesn't work against esr31 - I
> haven't heard that it isn't impacted at all.

Mozilla folks have explicitly written on their "enterprise" list that
FF31 is not affected.

> ( I think the apparmor profile may contain some of the worst aspects
> but only until an attacker figures out how to make a hard link.

May you please elaborate on the hardlink aspect? It rings a bell, but
I don't remember the specifics.

Cheers,
--
intrigeri

This message was posted to the following mailing lists:
tails-dev
Mailing List Info | Nearby Messages		<-Re: [Tails-dev] MFSA 2015-78 (aka. CVE-2015-4495) vs. TailsRe: [Tails-dev] MFSA 2015-78 (aka. CVE-2015-4495) vs. Tails->
lists.autistici.org administrated by postmasterLurker (version 2.3)