[prev in list] [next in list] [prev in thread] [next in thread]
List: koffice-devel
Subject: Re: Linux Format: KSpread "disaster area"
From: Martin Ellis <martin.ellis () kdemail ! net>
Date: 2006-01-14 18:16:55
Message-ID: 200601141816.55331.martin.ellis () kdemail ! net
[Download RAW message or body]
On Saturday 14 January 2006 18:01, Jaroslaw Staniek wrote:
> Gary Cramblitt said the following, On 2006-01-14 18:11:
> > I'm not a security expert, but my observation is that when
> > you have scripting capabilities that can access resources outside the
> > app, like read/write files, eventually someone will figure out a way to
> > infect systems with it.
> sane defaults (no file support) for KROSS were proposed.
I think Gary's point is that where a scripting language supports unsafe
features such file access, normally, people find a way around security
measure intended to restrict that feature.
Consider for example, the various failed attempts to secure Python.
All it takes is one implementation or design error, in one interpreter....
Martin
_______________________________________________
koffice-devel mailing list
koffice-devel@kde.org
https://mail.kde.org/mailman/listinfo/koffice-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic