[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: [RFC] Security and Features in KPDF
From: Ingo =?iso-8859-1?q?Kl=F6cker?= <kloecker () kde ! org>
Date: 2005-01-03 18:43:59
Message-ID: 200501031944.00818 () erwin ! ingo-kloecker ! de
[Download RAW message or body]
On Monday 03 January 2005 01:23, Oswald Buddenhagen wrote:
> On Mon, Jan 03, 2005 at 01:08:51AM +0100, Ingo Klöcker wrote:
> > Unfortunately, Stephan's suggestion is also not a very good
> > solution because you can be sure that several distributions will
> > make "kpdf --script %u" the default for PDF "because it's so
> > convenient".
>
> and this is our problem, right? uhm, well ...
Even if it's not our problem who do you think will get the complaints?
> > > But that's the same case as when the user clicks on an unknown
> > > email attachment. Do we forbid email attachments for this reason?
> >
> > That's nonsense. Clicking on an unknown email attachment in KMail
> > does never result in 'rm -Rf /' or similarly dangerous commands
> > being executed.
>
> yeah, right. kmail (and any program called by it) never had, and will
> never have any relevant security holes. therefore attachments are
> safe.
There's a difference between a security hole and a consciously added
security problem. Do you propose that we make it possible in KMail to
execute attachments by just clicking on them because there might anyway
be a security hole in KMail?
Regards,
Ingo
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic