From kde-core-devel Mon Jan 03 18:53:24 2005 From: Oswald Buddenhagen Date: Mon, 03 Jan 2005 18:53:24 +0000 To: kde-core-devel Subject: Re: [RFC] Security and Features in KPDF Message-Id: <20050103185324.GA2682 () ugly ! local> X-MARC-Message: https://marc.info/?l=kde-core-devel&m=110477840809125 On Mon, Jan 03, 2005 at 07:43:59PM +0100, Ingo Klöcker wrote: > On Monday 03 January 2005 01:23, Oswald Buddenhagen wrote: > > On Mon, Jan 03, 2005 at 01:08:51AM +0100, Ingo Klöcker wrote: > > > you can be sure that several distributions will make "kpdf > > > --script %u" the default for PDF "because it's so convenient". > > > > and this is our problem, right? uhm, well ... > > Even if it's not our problem who do you think will get the complaints? > and? do you care? RESOLVED -> INVALID. > There's a difference between a security hole and a consciously added > security problem. > yes, but the effect is the same. by adding a feature you risk security holes. whether a hole is techical or just human stupidity is irrelevant. the only safe way is not adding the feature at all. that's not the way to user satisfaction. -- Hi! I'm a .signature virus! Copy me into your ~/.signature, please! -- Chaos, panic, and disorder - my work here is done.