On 11/16/06, Kay Sievers <[EMAIL PROTECTED]> wrote: > Are we going to hack around people, that have physical access to the > box and are able to add/remove hardware now? How about a corrupt > network card and NetworkManager? Should we disable NM, when the > screensaver is active too? Same problem with PTP cameras, and ... > > I would say we should leave such "problems" to the proper > infrastructure with console activity tracking, instead of introducing > such weird hacks. :)
I agree with this 100%. As far as I can tell, the argument seems to be "a filesystem might have a bug in it and automounting would allow that to be exploited". In which case, it make more sense to just fix any kernel bugs at their source. There could be bugs in the kernel in any manner of other USB devices or any other devices. In any case, someone desperate to gain access to a machine like this is far more likely to reboot it and boot from a live CD than to devise a carefully crafted corrupted GFS2 filesystem on a USB pendrive that will disable the screensaver. On the flipside, this potentially has a really annoying effect on people who are using USB devices. Here's a use case: 1. Joe wants to copy some files from Bob. Bob works in secure lab with no network access on the other side of the building. 2. Joe goes to Bob's desk, locking his machine while he is away. 3. Bob gives Joe a USB disk containing the files. 4. Joe returns to his desk. His USB port is located on the back of his computer, so he must crawl under his desk to plug in the disk. Because of this, he plugs it in before he sits back down and unlocks his screen. 5. Joe unlocks his screen. The USB disk has not mounted. 6. Joe must now crawl under the desk again to unplug the disk and plug it back in again. -- Simon Howard http://www.soulsphere.org/ _______________________________________________ utopia-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/utopia-list
