[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-commits
Subject:    Re: kdegraphics/kpdf/kpdf [POSSIBLY UNSAFE]
From:       Frans Englich <frans.englich () telia ! com>
Date:       2004-09-14 20:28:16
Message-ID: 200409142028.16955.frans.englich () telia ! com
[Download RAW message or body]

On Tuesday 14 September 2004 20:07, Albert Astals Cid wrote:
> A Dimarts 14 Setembre 2004 22:01, David Faure va escriure:
> > On Tuesday 14 September 2004 21:56, Albert Astals Cid wrote:
> > > What problem do you have with it?
> > >
> > > I ask something along the lines of
> > >
> > > "Do you want to execute %1" where %1 is the command plus the arguments
> > >
> > > I don't see any problem with that. Is the user who decides if he wants
> > > to execute the program or not.
> >
> > And what should my mother answer to "Do you want to execute rm -rf $HOME"
> > ?
>
> Everybody should know he has to answer no to something he does not
> understand, it is a basic computers knowledge.
>
> > You have not answered "there is no legitimate use for this feature". Why
> > should a PDF run any kind of command on my system, even after asking me??
>
> No idea.
>
> So you are all basically saying that having a program that follows pdf
> specification is bad?

I don't think we should paint it in black and white, and I agree that the 
security implications are too heavy.

On the subject of dumping down, it's not too much asked that using the 
computer, such as viewing documents, should not require hacker skills to be 
safe. And if there's no legitimate reasons.. A similar discussion was about 
KControl's root module loading; a command line expression can only be 
interpreted by a very small part of the userbase, and even then, it is very 
easily obfuscated.


Cheers,

		Frans
[prev in list] [next in list] [prev in thread] [next in thread]