[conspire] Autorun in GNOME/Nautilus
Ruben Safir
ruben at mrbrklyn.com
Tue Sep 27 16:41:00 PDT 2011
On 09/27/2011 06:34 PM, Rick Moen wrote:
> Quoting Ruben Safir (ruben at mrbrklyn.com):
>
>> My opensuse distro is defaulted to Gnome and I've never seen it start
>> any application automatically from a thumbdrive or a disk.
> Further reading, and going back and consulting the FDO spec, reveals
> that I missed an important sentence. So, I take back (and regret) that
> comment.
>
> The desktop environment MUST prompt the user for confirmation before
> automatically starting an application.
>
> http://standards.freedesktop.org/autostart-spec/autostart-spec-latest.html
> (I really don't entirely like 'Is it OK to run some executable you've
> never seen on a USB stick?' dialogues as a security solution, but must
> admit that it's miles away from merely enabling autorun on mount.)
>
> Nick is correct that the thumbnailers (of which there are several in a
> typical GNOME setup, not just the one in Nautilus) are the juicier
> target. Fortunately, I'm seeing signs that this is being recognised and
> dealt with via AppArmor, position-independent executables (PIE),
> software to use the No eXecute bit (PaX or Exec Shield), and address
> space layout randomization (ASLR).
>
> http://www.outflux.net/blog/archives/2011/02/11/shaping-the-direction-of-research/
>
>
I've been wondering what the heck apparmour is. I thought it was
something Novell added to the OS which was unnecessary.
As of now, the OS has never prompted me to run anything either.
Everything has functioned like a regular unix situation.
Ruben
> _______________________________________________
> conspire mailing list
> conspire at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/conspire
>
>
More information about the conspire
mailing list