Re: gsu (Was Re: More Political Stuff)

From: Havoc Pennington <hp redhat com>
To: Preben Randhol <randhol pvv org>
Cc: gnome-devel-list gnome org
Subject: Re: gsu (Was Re: More Political Stuff)
Date: 01 Sep 2000 11:46:48 -0400

Preben Randhol <randhol@pvv.org> writes: 
> I think that going after a solutions where the themes have to be made in
> a certain way not to be a security risk is the wrong end of the stick.
> One should rather concentrate how to make it impossible for the themes
> no matter how they are made to be a security risk.
> 

That would mean implementing engines in something other than C, which
would mean an embedded lisp interpreter in GTK or something. ;-) You
can't sandbox C.

If you use non-engine themes, this is already true I would expect
(they can't do much beyond maybe segfault an app by exploiting known
bugs in image loaders).

Havoc

Follow-Ups:
- Re: gsu (Was Re: More Political Stuff)
  - From: Petr Tomasek

References:
- Re: gsu (Was Re: More Political Stuff)
  - From: Preben Randhol

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]