On 09/28/2011 11:15 PM, Eric Wilhelm wrote: > While a linux machine is typically safer due to separations such as e.g. > not running the web browser in the kernel and not reading your e-mail > as root, any computer can have vulnerabilities. > > Remember that whatever you execute can do anything your user can do > (including sudo.) Security holes tend to come from convenience > features and unexpected consequences in complicated software. > > If you are using `mv` and other command-line tools to move windows files > around, it is very unlikely that you will get anything on your linux > machine. On the other hand, using a file manager means you are running > more complicated code and you begin to have more exposure where the > program's convenience features could be exploited, such as automatic > image preview causing a buffer overflow when given a bad image header. > Similarly, word processors and web browsers will try to do things with > a file which wouldn't happen with e.g. `head` or a text editor like vim > (though even vim will set syntax options based on modelines, which is > the sort of thing where a potential vulnerability could creep into the > code.) > > I don't know of a case where using nautilus on linux to look at files > from an infected windows machine would hose your home directory, but > you should understand risk and exposure if you are concerned about > security.
Thanks for the cautions. I'll keep that in mind. I have since learned that it is an XP system, and I have more recent experience cleaning up one of those without copying files to another machine. Hopefully I won't even have to turn my laptop on. -- Regards, Dick Steffens _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
