[Clipart] Malware in clipart

Jonadab the Unsightly One jonadab at bright.net
Tue Mar 15 04:52:12 PST 2005

"Stephen Silver" <ocalocal at btinternet.com> writes:

> Easier for now would be to detect files that contain possible script
> elements, and keep them out of the collection until someone has
> checked that they are safe.  

Effectively, to quarantine them?  I could live with that solution.

> As far as I can tell, any SVG file with a script element must
> contain "<script" or ":script" (or maybe ";script").  

They could not contain scripts in attributes, such as onclick,
onmouseover, onmouseout, onmousedown, onmouseup, onfocus, onblur,
onrollover, onload, onunload, et cetera, ad infinitum, ad bedlam?

split//,"ten.thgirb\@badanoj$/ --";$\=$ ;-> ();print$/

More information about the clipart mailing list