Loading ...
Sorry, an error occurred while loading the content.

46720Re: feedkeys() allowed in sandbox

Expand Messages
  • Ciaran McCreesh
    May 4, 2007
    • 0 Attachment
      On Fri, 4 May 2007 14:20:22 +1000
      "John Beckett" <winterwaffle@...> wrote:
      > I mentioned that the first step for point 4 should (IMHO) be
      > rejecting any modeline beyond some fairly small maximum size.

      Most previous exploits have been exploitable with far below the line
      length that is reasonably used by sensible people.

      > What I'd really like would be a separate sanity check that
      > verifies that the syntax in the modeline is boringly standard
      > 'set' options for a declared whitelist of things that a modeline
      > is allowed to do.


      > For example, 100 bytes of malware might be able to erase my
      > files, but perhaps it couldn't do something more sophisticated
      > like launching a hidden infiltration of my network.

      100 bytes is more than enough room to download and execute a file that
      contains the real malicious code.

      Ciaran McCreesh
    • Show all 25 messages in this topic