On 02/26/2011 06:01 PM, Yves-Alexis Perez wrote:
On Sat, 2011-02-26 at 18:00 -0600, Ron Johnson wrote:
Isn't it auto*run* which opens a vulnerability, and thus should be
disabled by default?
Autorun can leads to somehow direct exploitation.
Right.
Disabling automount& autobrowse seem to be security overkill.
Autobrowse means a file manager is opened, which, by default, tries to
make thumbnails of files, which, in turn, can lead to code execution by
exploiting bugs in pdf parsers.
Ah.
Turn off thumbnailing of removable media?
--
I prefer banana-flavored energy bars made from tofu.
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
