List: kde-core-devel
Subject: Re: KDE Scripting Interface [2nd Try]
From: Roberto Alsina <ralsina () kde ! org>
Date: 2001-07-20 15:18:13
On Fri, 20 Jul 2001, Martijn Klingens wrote:
> On Friday 20 July 2001 14:06, Roberto Alsina wrote:
> > I say: don't ever run anything downloaded unless you are fairly sure of
> > what you are getting. And if the guy downloads a worm or a trojan or
> > whatever: he can do that already. And he will still be able to do that
> > afterwards.
>
> Hmm... but what about KOffice macros when those work and get distributed
> because people start exchanging their docs? I think we should really think
> about that now.
Don't embed the macros in the docs.
Or warn when loading a document with macros. I have no idea how this could
be done well, though.
Or allow a "load without macros".
But if you forbid macros from accessing DCOP, you have to export the
KOffice functionality twice, and that's not neat.
> People who download and execute malicious executable content can and will do
> that anyway. It is completely pointless to have _any_ security there. The
> same is not true for scripts that can _only_ be executed from the GUI through
> an integrated scripting engine.
What is the difference? Just consider kword docs as a very fancy
executable format.
> And people _will_ start using macros in
> documents to get tasks done, and people _will_ complain if the macro engine
> is too restricted in a trusted environment. A sandbox offers both security
> and power, because people at least get a warning if a document wants to do
> something dangerous. If they screw up even then, then at least we can't be
> blamed...
Doing something just not to be blamed for not doing it is not much of a
reason, IMHO ;-)
("\''/").__..-''"`-. . Roberto Alsina
`9_ 9 ) `-. ( ).`-._.`) ralsina@kde.org
(_Y_.)' ._ ) `._`. " -.-' KDE Developer (MFCH)
_..`-'_..-_/ /-'_.' Abeja obrera en Xtech (www.xtech.com.ar)
(l)-'' ((i).' ((!.' Buenos Aires - Argentina
Futuaris nisi irrisus ridebis. (Carlton, De rerum comoedia)