Re: GTK+-1.2.9 Released
- From: Havoc Pennington <hp redhat com>
- To: Valdis Kletnieks vt edu
- Cc: "J. Ali Harlow" <gtk-list optosun7 city ac uk>, Owen Taylor <otaylor redhat com>, gtk-list gnome org, slashem-devel lists sourceforge net
- Subject: Re: GTK+-1.2.9 Released
- Date: 05 Mar 2001 15:14:20 -0500
Valdis Kletnieks vt edu writes:
> On Mon, 05 Mar 2001 14:10:29 EST, Havoc Pennington said:
> > Right. Adding something like a GTK_ALLOW_INSECURE environment variable
> > doesn't seem like a terrible idea, though it's too late to do so for
> > 1.2.9.
>
> Wrong.
>
> A hacker can just say 'export GTK_ALLOW_INSECURE' and then run his
> exploit.
Obviously. My thought is that the purpose of the check in GTK isn't to
stop exploits, it's to stop apps from creating the situation that
allows exploits. i.e. it is really just a "fix your app" warning, even
though it exits as a way of punctuating the warning.
> A better solution would be to have a global variable inside the GTK libs
> that the application itself could set if it was willing to take the risks.
I like that a bit less, because it doesn't require the user to type
anything. I would like users to say "please screw me," otherwise
one clueless app author can hose a bunch of users.
Perhaps the best solution is a combination, GTK_ALLOW_INSECURE enables
makes the gtk_disable_security_check() function do something, by
default gtk_disable_security_check() would be a no-op. So then you
need both the app author and the user to agree to make the app
insecure.
Havoc
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
