tlug.jp Mailing List Archive
Re: [tlug] Auto-detect [uh, Josh, if you're drinking, swallow before reading]
- Date: Tue, 20 Apr 2004 08:23:17 -0400
- From: Josh Glover <tlug@example.com>
- Subject: Re: [tlug] Auto-detect [uh, Josh, if you're drinking, swallow before reading]
- References: <40831704.9080806@example.com> <20040419123857.GR11018%jmglov@example.com> <87u0zfthji.fsf_-_@example.com>
- User-agent: Mutt/1.5.4i-ja.1
Quoth Stephen J. Turnbull (Tue 2004-04-20 01:11:29PM +0900):
> >>>>> "Josh" == Josh Glover <tlug@example.com> writes:
>
>     Josh> Not really, at least in this case. If an attacker gains
>     Josh> physical access to your machine (as he would need to in
>     Josh> order to "exploit" automounting), you are screwed anyway.
>
> But he _does_ in this case. Some of the posts are evidently missing
> from the thread I'm looking at, but at a guess we're talking about
> plugging a camera into your PC and autoflogging the contents of its
> flash memory.
>
> Do you really trust any large company's internals not to have a time
> bomb in that flash memory? True, today nobody would autoexec anything
> in there, but ... Java. Write a "convenient" display program in Java,
> put it on the flash, sell it as value-added ... after all, it's got
> the latest and greatest virus inside! Since it's "part of your
> machine" (automounted, ne?) it won't necessarily be inside the "web
> jail", hm? In fact, since it also does file manager stuff and copies
> the pix you select into a slide show folder, you'll break your clicker
> finger turning the jail off, ne? Oops.

You have a point, though I have not heard of autorun in the Linux
world. Maybe I am just being blissfully ignorant?

In any case, I don't like automount for the trouble that it causes me
as a sysadmin. If you want to use it for your desktop, go right ahead.
I feel better somehow knowing something will not be mounted until *I*
say so. Kernel thinks it knows better than me, huh? ;)

> It's like my mom told me: don't mount anything just because you can,
> it's not healthy.

Your mother had a point. :)

>     Josh> I don't really know how good a job SuSE does of being secure
>     Josh> out of the box. Gentoo does a great job, as no net-facing
>     Josh> daemons run unless you explicitly turn them on.
>
> s/a great job/takes the bare minimum steps at least/
>
> at least taking your description at face value.

As far as I am concerned, having no net-facing services on is the
*only* secure-out-of-the-box step that distros can reasonably take.
You can't keep releasing a whole new version of the distro every time
there is a security patch; people will still install old versions.

If I am missing something major here, let me know.

--Josh "thanks for the spew warning" Glover

-- 
Josh Glover

GPG keyID 0xDE8A3103 (C3E4 FA9E 1E07 BBDB 6D8B 07AB 2BF1 67A1 DE8A 3103)
gpg --keyserver pgp.mit.edu --recv-keys DE8A3103