[conspire] Autorun in GNOME/Nautilus

Ruben Safir ruben at mrbrklyn.com
Tue Sep 27 16:41:00 PDT 2011

On 09/27/2011 06:34 PM, Rick Moen wrote:
> Quoting Ruben Safir (ruben at mrbrklyn.com):
>> My opensuse distro is defaulted to Gnome and I've never seen it start
>> any application automatically from a thumbdrive or a disk.
> Further reading, and going back and consulting the FDO spec, reveals
> that I missed an important sentence.  So, I take back (and regret) that
> comment.
>     The desktop environment MUST prompt the user for confirmation before
>     automatically starting an application.
> http://standards.freedesktop.org/autostart-spec/autostart-spec-latest.html
> (I really don't entirely like 'Is it OK to run some executable you've
> never seen on a USB stick?' dialogues as a security solution, but must
> admit that it's miles away from merely enabling autorun on mount.)
> Nick is correct that the thumbnailers (of which there are several in a
> typical GNOME setup, not just the one in Nautilus) are the juicier
> target.  Fortunately, I'm seeing signs that this is being recognised and
> dealt with via AppArmor, position-independent executables (PIE),
> software to use the No eXecute bit (PaX or Exec Shield), and address
> space layout randomization (ASLR).
> http://www.outflux.net/blog/archives/2011/02/11/shaping-the-direction-of-research/

I've been wondering what the heck apparmour is.  I thought it was 
something Novell added to the OS which was unnecessary.
As of now, the OS has never prompted me to run anything either.  
Everything has functioned like a regular unix situation.

> _______________________________________________
> conspire mailing list
> conspire at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/conspire

More information about the conspire mailing list