[conspire] Autorun in GNOME/Nautilus
ruben at mrbrklyn.com
Tue Sep 27 16:41:00 PDT 2011
On 09/27/2011 06:34 PM, Rick Moen wrote:
> Quoting Ruben Safir (ruben at mrbrklyn.com):
>> My opensuse distro is defaulted to Gnome and I've never seen it start
>> any application automatically from a thumbdrive or a disk.
> Further reading, and going back and consulting the FDO spec, reveals
> that I missed an important sentence. So, I take back (and regret) that
> The desktop environment MUST prompt the user for confirmation before
> automatically starting an application.
> (I really don't entirely like 'Is it OK to run some executable you've
> never seen on a USB stick?' dialogues as a security solution, but must
> admit that it's miles away from merely enabling autorun on mount.)
> Nick is correct that the thumbnailers (of which there are several in a
> typical GNOME setup, not just the one in Nautilus) are the juicier
> target. Fortunately, I'm seeing signs that this is being recognised and
> dealt with via AppArmor, position-independent executables (PIE),
> software to use the No eXecute bit (PaX or Exec Shield), and address
> space layout randomization (ASLR).
I've been wondering what the heck apparmour is. I thought it was
something Novell added to the OS which was unnecessary.
As of now, the OS has never prompted me to run anything either.
Everything has functioned like a regular unix situation.
> conspire mailing list
> conspire at linuxmafia.com
More information about the conspire