Attack of the killer CD
Attack of the killer CD
Posted Mar 25, 2005 0:36 UTC (Fri) by dvdeug (guest, #10998)Parent article: Attack of the killer CD
The attacker doesn't need access to the computer; he just needs to convince the (super)user to mount his CD. I suspect if you can gain root access, you can run a trojan as root from that CD.
Mounting a CD image, at least, should be something that a user can do. It's the easiest way to handle them.
Posted Mar 25, 2005 10:11 UTC (Fri)
by bockman (guest, #3650)
[Link] (1 responses)
"""
Mounting a CD image, at least, should be something that a user can do.
"""
Maybe there should be two kind of "mount" for removable devices : the standard one, allowed only to root, and a sort of "user space mount",
which is allowed to users because it is somehow isolated from kernel
and therefore its bugs are less likely to compromise the system.
Easy to say, hard to do, I expect.
Posted Mar 26, 2005 0:28 UTC (Sat)
by zlynx (guest, #2285)
[Link]
User space mount?
Don't a few archive tools have ISO support? I thought FileRoller could do it. I wouldn't be surprised if there was a KDE kioslave for it. Then there are some utilities that come with mkisofs, too.User space mount?