Fedora Security and the Uverse 3800HGV-B router
craigwhite at azapple.com
Sat Jul 2 20:07:08 UTC 2011
On Fri, 2011-07-01 at 21:14 -0700, JD wrote:
> You are right.
> It turns out it does it via the intruder which the whole
> world was deceived by Sun that it only plays in a sandbox
share anything at all with java except the name which was an unfortunate
> So I used noscript to disable scripts from 192.168.1.254
> and access to my drive went away.
> When will the linux community wake up and shout out loud:
> and network clients.
were close when you realized that your 'router' is likely an attack
vector because many of the retail/home intended routers are known to
have been compromised.
> It is THE trojan horse hiding in plain site and can access
> EVERYTHING on your system that YOU have access to and
> written to send it to.
> browser on your system is a HUGE WIDE OPEN SECURITY HOLE!!!
Sandbox implementation errors
of the sandbox, with the privileges necessary to, for
example, create or delete files. Of course, such privileges
aren't meant to be granted to code from the web.
What you have demonstrated is one of the many reasons not to run GUI as
root but you only saw the files/folders that you could see with a tool
like nautilus or dolphin with exactly the same privileges so I guess I
can't understand your hysterics.
If noscript gives you peace of mind, then use it.
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the users