'Re: KDE Scripting Interface [2nd Try]'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KDE Scripting Interface [2nd Try]
From:       Roberto Alsina <ralsina () kde ! org>
Date:       2001-07-20 15:18:13
[Download RAW message or body]

On Fri, 20 Jul 2001, Martijn Klingens wrote:

> On Friday 20 July 2001 14:06, Roberto Alsina wrote:
> > I say: don't ever run anything downloaded unless you are fairly sure of
> > what you are getting. And if the guy downloads a worm or a trojan or
> > whatever: he can do that already. And he will still be able to do that
> > afterwards.
> 
> Hmm... but what about KOffice macros when those work and get distributed 
> because people start exchanging their docs? I think we should really think 
> about that now.

Don't embed the macros in the docs.
Or warn when loading a document with macros. I have no idea how this could
be done well, though.
Or allow a "load without macros".

But if you forbid macros from accessing DCOP, you have to export the
KOffice functionality twice, and that not neat.

> People who download and execute malicious executable content can and will do 
> that anyway. It is completely  pointless to have _any_ security there. The 
> same is not true for scripts that can _only_ be executed from the GUI through 
> an integrated scripting engine.

What is the difference? Just consider kword docs as a very fancy
executable format.

> And people _will_ start using macros in 
> documents to get tasks done, and people _will_ complain if the macro engine 
> is too restricted in a trusted environment. A sandbox offers both security 
> and power, because people at least get a warning if a document wants to do 
> something dangerous. If they screw up even then, then at least we can't be 
> blamed...

Doing something just not to be blamed for not doing it is not much of a
resaon, IMHO ;-)

 ("\''/").__..-''"`-. .         Roberto Alsina
 `9_ 9  )   `-. (    ).`-._.`)  ralsina@kde.org
 (_Y_.)' ._   ) `._`.  " -.-'   KDE Developer (MFCH)
  _..`-'_..-_/ /-'_.'           Abeja obrera en Xtech (www.xtech.com.ar)
(l)-'' ((i).' ((!.'             Buenos Aires - Argentina
Futuaris nisi irrisus ridebis. (Carlton, De rerum comoedia)

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic