Oops.
https://www.kde.org/info/security/advis ... 0208-2.txt
Joe
KDE Security Advisory: Arbitrary command execution in the removable device notifier
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
- JoeFootball
- Level 13
- Posts: 4673
- Joined: Tue Nov 24, 2009 1:52 pm
- Location: /home/usa/mn/minneapolis/joe
KDE Security Advisory: Arbitrary command execution in the removable device notifier
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
- catweazel
- Level 19
- Posts: 9763
- Joined: Fri Oct 12, 2012 9:44 pm
- Location: Australian Antarctic Territory
Re: KDE Security Advisory: Arbitrary command execution in the removable device notifier
Really, I had to laugh at that.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
- JoeFootball
- Level 13
- Posts: 4673
- Joined: Tue Nov 24, 2009 1:52 pm
- Location: /home/usa/mn/minneapolis/joe
Re: KDE Security Advisory: Arbitrary command execution in the removable device notifier
So theoretically, one could create a USB drive label containing a nefarious shell command, walk up to someone's KDE deployment, plug it in, and *poof*. Eeek.
Can drives mount if the session is locked? Hmmm...
Joe
Can drives mount if the session is locked? Hmmm...
Joe