Darren Reed <[email protected]> wrote: > Because auto-mounting a filesystem from a USB stick implies that > the system somehow trusts the structure of the data on the USB > stick. As has been proven in the past with security exploits > relating to auto-execution of USB stick files, they are a medium > that isn't to be trusted. But that's not to say that they should > be forbidden to be used in that way inside a local zone.
The question is _why_ a USB stick cannot be trusted. If this is because the filesystem on it could crash the OS, then the filesystem driver in the OS should be hardened. Frank Hofmann and I verified that this is possible by hardening hsfs. Similar things could be done with other filesystems. Jörg -- EMail:[email protected] (home) Jörg Schilling D-13353 Berlin [email protected] (uni) [email protected] (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily _______________________________________________ opensolaris-arc mailing list [email protected]
