List:       kopete-devel
Subject:    Re: [kopete-devel] [PATCH] make the addbookmark plugin more secure
From:       Matt Rogers <mattr () kde ! org>
Date:       2006-10-31 0:39:54
Message-ID: 200610301839.54864.mattr () kde ! org

On Monday 30 October 2006 09:35, Dirk Mueller wrote:
> Hi,
>
> We've received a bug report about the kopete addbookmark plugin, which SUSE
> ships (but fortunately not enabled by default). The reporter was very
> concerned about URLs being opened by default (without user interaction)
> just by receiving a message which contains one.
>
> I've briefly looked into the code and found a multitude of issues:
>
> - It starts interactive jobs, which will cause SSL warning prompts if
>   you receive a https:// URL that doesn't have a verifiable certificate.
>
> - The idea of extracting a title that can be of arbitrary length and
>   (almost arbitrary) content scares me. Also, that it tries to do that for
>   URLs that are other than "http(s)" protocol (even local stuff like file:/
>   or other unsafe protocols!) is outright disastrous.
>
> - Automatically adding bookmarks for "untrusted" URLs even from people
>   not on your contact list is scary. I don't know enough kopete internals
>   to restrict the set of URLs that are auto-added this way. I would love
>   to see some functionality that it only does that for people you've talked
>   _to_ at least once before (or that are somehow otherwise on a trusted
>   opt-in list).
>
> - Automatically adding bookmarks for any URL (possibly even "javascript:")
>   makes it much easier for a user to accidentally become the victim of an
>   exploit attempt, especially as we execute javascript in bookmarks by
>   default.
>
> I've also briefly screened kopete for other obvious problems, and there are
> some places where KHTML is used in unsafe ways. Below is a complete patch.
> I would like to receive some comments on it, as I'd like to commit it to
> 3.5 and trunk. It would also be nice to optionally disable this <title>
> retrieval feature (possibly by default).
>
>
> Thanks,
>
> Dirk
>
>
> PS: Please CC, not on this list.

Looks fine. Please commit.

Thanks
-- 
Matt
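
The checks listed in the quoted report (http(s) only, a bounded title, senders the user already knows), sketched as an added example that is not part of this thread or of the patch under review. The function names and the 128-byte title cap are assumptions, and plain std::string stands in for Kopete's Qt types.

```cpp
#include <cctype>
#include <cstddef>
#include <string>

// Hypothetical helpers illustrating the policy; not Kopete's API.

// Lower-cased scheme of a URL, or "" when no well-formed scheme is present.
std::string urlScheme(const std::string& url) {
    const std::size_t colon = url.find(':');
    if (colon == std::string::npos || colon == 0) return "";
    std::string scheme = url.substr(0, colon);
    for (char& c : scheme) {
        const unsigned char u = static_cast<unsigned char>(c);
        if (!std::isalnum(u) && c != '+' && c != '-' && c != '.') return "";
        c = static_cast<char>(std::tolower(u));
    }
    return scheme;
}

// Auto-bookmark only http(s) URLs, and only from senders the caller has
// marked as trusted (for example, contacts the user has written to before).
bool mayAutoBookmark(const std::string& url, bool senderTrusted) {
    if (!senderTrusted) return false;
    const std::string scheme = urlScheme(url);
    return scheme == "http" || scheme == "https";  // allowlist, not blocklist
}

// Bound a fetched <title>: drop control bytes, collapse whitespace runs,
// and cap the length in bytes (assumed limit; may cut a multi-byte character).
std::string sanitizeTitle(const std::string& raw, std::size_t maxLen = 128) {
    std::string out;
    bool pendingSpace = false;
    for (unsigned char c : raw) {
        if (out.size() >= maxLen) break;
        if (std::isspace(c)) { pendingSpace = !out.empty(); continue; }
        if (c < 0x20 || c == 0x7f) continue;
        if (pendingSpace) {
            if (out.size() + 2 > maxLen) break;  // no room for " x"
            out.push_back(' ');
            pendingSpace = false;
        }
        out.push_back(static_cast<char>(c));
    }
    return out;
}
```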