[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Groff] Mission statement
|
From: |
Deri James |
|
Subject: |
Re: [Groff] Mission statement |
|
Date: |
Tue, 18 Mar 2014 13:26:02 +0000 |
|
User-agent: |
KMail/4.10.5 (Linux/3.10.28-desktop-1.mga3; KDE/4.10.5; x86_64; ; ) |
On Tue 18 Mar 2014 12:58:09 Ingo Schwarze wrote:
> Security-wise, PDF is
> one of the most dangerous file formats, nowadays.
That is true if the pdf reader you are using is configured to action all the
extra bits which Adobe added to the standard (i.e. forms, flash and
javascript). Without these "extras" it has the same risks as any other
application consuming input from the web with regard to buffer overflows
etc.
I certainly would not use Adobe's Reader, slow and dangerous.
Without these extras it is simply instructions to place marks on a canvas,
much like svg, except that allows javascript. If you use gv to view postscript
from the web you are actually running a postscript program in ghostscript
so the attack surface is likely to be larger.
Cheers
Deri
- Re: [Groff] Mission statement, (continued)
Re: [Groff] Mission statement, Deri James, 2014/03/17
Re: [Groff] Mission statement, Peter Schaffter, 2014/03/17
Re: [Groff] Mission statement, James K. Lowden, 2014/03/18
Re: [Groff] Mission statement, Ingo Schwarze, 2014/03/18
Re: [Groff] Mission statement,
Deri James <=
Re: [Groff] Mission statement, Ingo Schwarze, 2014/03/18
Re: [Groff] Mission statement, Eric S. Raymond, 2014/03/18
Re: [Groff] Mission statement, Ralph Corderoy, 2014/03/18
Re: [Groff] Mission statement, Pierre-Jean, 2014/03/15