Bobinas P4G
  • Login

  • Public

    • Public
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Joanna Rootkovska ☠️ (rootkovska@mastodon.social)'s status on Thursday, 13-Apr-2017 15:05:22 UTC Joanna Rootkovska ☠️ Joanna Rootkovska ☠️
    • Micah Lee

    About the Subgraph attack:
    1. The main problem that @micahflee exploited is the unfortunate decision made by Subgraph OS to keep Gnome/Nautilus in the TCB *and* letting this complex software process *untrusted* files,
    2. The specific Nautilus bug (handling of .desktop files) is just *one* example of what could go wrong in this case,
    3. We can think of other potential problems (e.g. Thumbnails processing)
    4. More details: https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/

    In conversation Thursday, 13-Apr-2017 15:05:22 UTC from mastodon.social permalink

    Attachments


    • soloojos repeated this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • Privacy
  • Source
  • Version
  • Contact

Bobinas P4G is a social network. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Bobinas P4G content and data are available under the Creative Commons Attribution 3.0 license.