Re: [Utopia] [patch] Disable automounting when screen saver is running

From: "Kay Sievers" <kay sievers vrfy org>
To: "David Zeuthen" <david fubar dk>
Cc: utopia-list gnome org
Subject: Re: [Utopia] [patch] Disable automounting when screen saver is running
Date: Thu, 16 Nov 2006 08:21:19 +0100

On 11/15/06, David Zeuthen <david fubar dk> wrote:

One of our security dudes at Red Hat mentioned a possible attack vector.

When the screen saver is running, the user may not be around to keep an
eye on their machine. There are a number of security attacks with a
specially crafted filesystem that can happen since the automounter
effectively performs mount, which is a privileged command, and reads the
directory contents.


Are we going to hack around people, that have physical access to the
box and are able to add/remove hardware now? How about a corrupt
network card and NetworkManager? Should we disable NM, when the
screensaver is active too? Same problem with PTP cameras, and ...

I would say we should leave such "problems" to the proper
infrastructure with console activity tracking, instead of introducing
such weird hacks. :)

Kay

Follow-Ups:
- Re: [Utopia] [patch] Disable automounting when screen saver is running
  - From: Jeffrey Stedfast
- Re: [Utopia] [patch] Disable automounting when screen saver is running
  - From: Simon Howard

References:
- [Utopia] [patch] Disable automounting when screen saver is running
  - From: David Zeuthen

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]