thumbnail mtime, ctime
Thiago Macieira
thiago at kde.org
Fri Mar 28 11:41:47 PDT 2008
On Friday 28 March 2008 18:31:01 David Zeuthen wrote:
> On Fri, 2008-03-28 at 12:03 +0100, Thiago Macieira wrote:
> > - it would throw away a valid thumbnail if the file became unreadable
>
> Maybe, uh, that's a feature. Or to put it stronger: a bug fix for a
> security vulnerability in the spec. Someone took away your read
> privileges, why should you still be able to look at the thumbnail?
It's not a security vulnerability in the spec. The file was readable when it
was thumbnailed. And for all we know, at the time, legitimately so.
If there's any security issue, it was outside the thumbnailing scope.
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freedesktop.org/archives/xdg/attachments/20080328/a5d0276e/attachment.pgp
More information about the xdg
mailing list