Debian Developers - Re: Mozilla/Firefox "PostScript/default" security problems

This is Interesting: Free IT Magazines  
Home > Archive > Debian Developers > July 2004 > Re: Mozilla/Firefox "PostScript/default" security problems





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Re: Mozilla/Firefox "PostScript/default" security problems
Don Armstrong

2004-07-10, 5:54 pm

On Sat, 10 Jul 2004, Michael B Allen wrote:
> My impression was that the PostScript generator had the security
> issue

Can someone please state, for the record, definitively and precisely
what this "security issue" is?

The fact that PS is a turing complete language isn't a security issue,
beyond the fact that you shouldn't blindly execute untrusted PS. (Just
like you shouldn't blindly execute make files, or C code, or perl
scripts...)

Perhaps I've missed something, but everything that I've read in the
threads so far amounts to people either assuming that there's an issue
and not defining it, or attempting to figure out where the issue is.


Don Armstrong

--
Personally, I think my choice in the mostest-superlative-computer wars
has to be the HP-48 series of calculators. They'll run almost
anything. And if they can't, while I'll just plug a Linux box into
the serial port and load up the HP-48 VT-100 emulator.
-- Jeff Dege, jdege@winternet.com

http://www.donarmstrong.com
http://rzlab.ucr.edu


--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2009 webservertalk.com