Re: security holes in gnome-vfs application list (was Call for file

From: Federico Mena Quintero <federico ximian com>
To: Alan Cox <alan redhat com>
Cc: gnome-hackers gnome org
Subject: Re: security holes in gnome-vfs application list (was Call for file
Date: Mon, 26 Feb 2001 12:04:51 -0600

Alan Cox <alan redhat com> writes:

> I dont see what that changes. Does it matter if the user is given a cool
> picture clicks on it and gets cracked or whether it is automated ?

This has nothing to do with gnome-vfs or its handling of MIME types.
You have exactly the same problem with any application that opens
files.  I am pretty sure some day someone will find a terrible bug in
a GIMP plug-in and exploit it to rm -rf your home directory if your
image has a particular byte sequence.

So let's be as paranoid as possible, but not any more paranoid than that.

  Federico

_______________________________________________
gnome-hackers mailing list
gnome-hackers gnome org
http://mail.gnome.org/mailman/listinfo/gnome-hackers

Follow-Ups:
- Re: security holes in gnome-vfs application list (was Call for file
  - From: Alan Cox

References:
- Re: security holes in gnome-vfs application list (was Call for file
  - From: Alan Cox

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]