[Poppler-bugs] [Bug 100224] New: [PATCH] Seccomp sandbox support for pdftotext

[bugzilla-daemon at freedesktop.org]

https://bugs.freedesktop.org/show_bug.cgi?id=100224

            Bug ID: 100224
           Summary: [PATCH] Seccomp sandbox support for pdftotext
           Product: poppler
           Version: unspecified
          Hardware: Other
                OS: Linux (All)
            Status: NEW
          Severity: enhancement
          Priority: medium
         Component: utils
          Assignee: poppler-bugs at lists.freedesktop.org
          Reporter: hanado990 at mailbox.org

Created attachment 130253
  --> https://bugs.freedesktop.org/attachment.cgi?id=130253&action=edit
seccomp support for pdftotext

Since some of the poopler tools, like pdftotext are used by some file managers
to automatically parse pdf files for preview, I thought it might be a good idea
to use some sandboxing.

This is a patch that adds seccomp filter to pdftotext. This can also be applied
to the other tools that poppler provides, reducing the risk of successful
exploitation of poppler (and other used library) vulnerabilities significantly. 

I found this quite easy to apply and would be happy to help if you are
interested in using this.

This patch can be applied to poppler 0.52.0 without further changes

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/poppler-bugs/attachments/20170316/a021ce5c/attachment.html>