[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security problem: lilypond-invoke-editor
|
From: |
Stanton Sanderson |
|
Subject: |
Re: Security problem: lilypond-invoke-editor |
|
Date: |
Thu, 23 Nov 2017 10:53:48 -0600 |
Is this Windows-specific or is there a potential threat for other platforms?
Stan
> On Nov 23, 2017, at 6:42 AM, David Kastrup <address@hidden> wrote:
>
> Knut Petersen <address@hidden> writes:
>
>> Am 23.11.2017 um 10:23 schrieb David Kastrup:
>>> Stupid question: what does run-editor do to be inherently safer than
>>> run-browser, and what would prevent run-browser from doing the same?
>>
>> Your suspicion is correct. Also textedit URIs are vulnerable to a very
>> similar attack.
>
> It was more a hope than a suspicion: I had hoped that both could easily
> be made equivalently safe rather than equivalently unsafe.
>
> --
> David Kastrup
>
> _______________________________________________
> lilypond-user mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/lilypond-user
Re: Security problem: lilypond-invoke-editor, Blöchl Bernhard, 2017/11/23