Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check presence of Autorun on output key #10

Open
Rafiot opened this issue Aug 5, 2013 · 0 comments
Open

Check presence of Autorun on output key #10

Rafiot opened this issue Aug 5, 2013 · 0 comments
Labels
Security

Comments

@Rafiot
Copy link
Owner

Rafiot commented Aug 5, 2013

It should never happen: the contents of the partitions are in their own repository.

In case, for some raison, the attacker manage to exploit the conversion, it does not hurt to check the presence of autorun.inf on the output key.

If it is the case, the content is malicious and should not be opened.

What should we do ?

I would suggest to remove the whole content of the output key and to print a big warning in the log file.
Rafiot pushed a commit that referenced this issue Feb 21, 2015
@adulau
Merge pull request #10 from mdurvaux/master
7c6e09f 
Add doc directory and technical notes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Rafiot