Risky design decisions in Google Chrome and Fedora desktop enable drive-by downloads
http://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html [scarybeastsecurity.blogspot.com]
2016-11-16 00:11
Follow up to yesterday’s post about exploiting linux desktops. If a browser auto saves sketchy files to locations where buggy indexers read them, bad things happen. Auto magically.
The Fedora default desktop install includes a range of fairly obscure media decoders that confer risk but are not necessary for a thorough desktop experience.