On Thu, 06 Sep 2012 09:52:05 -0400 Robert Krawitz <[email protected]> wrote:
> Not if you do something like kerberized NFS with mandatory access > control. Or use thin clients like SunRays. Kerberized NFS and mandatory access control on the encrypted lower file system won't prevent the attack. The victim's stacked $HOME file system is unlocked and mounted when I log in. Sun Ray terminals aren't necessarily a fix, either. My attack method here is to use a USB flash drive with something malicious set to autorun. > So again, what happens to all of your shell history (not just command > history, but output history in an xterm or emacs buffer)? Or any > long-running jobs you need to keep around? The same thing that happens when a user who needs a workstation hits the reset button and kills your session the hard way. -- Rich P. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
