On 11/15/06, David Zeuthen <[EMAIL PROTECTED]> wrote: > One of our security dudes at Red Hat mentioned a possible attack vector. > > When the screen saver is running, the user may not be around to keep an > eye on their machine. There are a number of security attacks with a > specially crafted filesystem that can happen since the automounter > effectively performs mount, which is a privileged command, and reads the > directory contents.
Are we going to hack around people, that have physical access to the box and are able to add/remove hardware now? How about a corrupt network card and NetworkManager? Should we disable NM, when the screensaver is active too? Same problem with PTP cameras, and ... I would say we should leave such "problems" to the proper infrastructure with console activity tracking, instead of introducing such weird hacks. :) Kay _______________________________________________ utopia-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/utopia-list
