fenfire-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fenfire-dev] Security with libvob


From: Benja Fallenstein
Subject: Re: [Fenfire-dev] Security with libvob
Date: Wed, 20 Oct 2004 23:36:36 +0300
User-agent: Mozilla Thunderbird 0.8 (X11/20040926)

Hi,

Matti Katila wrote:
On Tue, 19 Oct 2004, Benja Fallenstein wrote:
Matti Katila wrote:
How libvob should work with malicious coordinates or renders?
...

Well, we don't have any sandboxing at the moment and no plans to sandbox in the near future, so I don't really see the problem. I mean, if a third party creates a malicious render object, it's also easy to put in a call of 'rm -rf ~', which is arguably worse than any of the above. :-)

With X I can go to console and kill the application. With libvob I can kill jvm. I didn't mean security as "make everything so slow because of all method calls are checked with RSA keys" but rather could we find some scenarious where scene.otrhoCS(100, "foo", ...) crashes and try to add reasonable checks, e.g. parent should be smaller number than created coordsys.
>
> So, I don't want to reserve a button in Fenfire for
> Kill-last-started-application!

Ok, what you want is not protection from *malicious* code, but from *erroneous* code -- not protection from an evil programmer, but from a programmer making a mistake :)

Yes, adding checking to Libvob would be a Good Thing.

I do think that making sandboxing work with libvob is too big a project to make it hold up a release.

We can add minimal sandboxing for childVS and give the child for every application in screen. That way one missbehaving application is not seen on screen while not crashing the whole libvob.

That's not sandboxing, but it's fine. ;-)

Cheers,
- Benja




reply via email to

[Prev in Thread] Current Thread [Next in Thread]