I would like to take some files from both a camera and usb stick that have been used on a windows laptop that had a virus/trojan(s). But I'm concerned that any nasties on those media will crawl over to my linux machine. To add to this auto mount seems to mount everything as root which seems like a security hole to me. I understand that it's difficult to auto-run shell scripts or executables from usb media in linux. But it can be done.
What are the risks or how can I ensure safe browsing of the media?
when i converted from windows to a linux box with kind of the same situation that you are on... i mounted my usb drives and even though it was mounted with root access i could still see the executable files that were trying to execute themselves. even though the drive is mounted as a root the executable (windows) need a third party software like wine in order to run. if pictures and videos are infected i would first scan them with clamav (antivirus) just to double check and make sure that they are clean. moreover, you don't need to worry about viruses in the linux environment.
as a matter of fact, if you show all your hidden files and folders on the usb drive you will be able to see probably some batches and executable files hidden that it could be the virus still attached to your usb. but be careful with what you delete and what you don't.
hope this answers your question.