[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Groff] Mission statement

From: Deri James
Subject: Re: [Groff] Mission statement
Date: Tue, 18 Mar 2014 13:26:02 +0000
User-agent: KMail/4.10.5 (Linux/3.10.28-desktop-1.mga3; KDE/4.10.5; x86_64; ; )

On Tue 18 Mar 2014 12:58:09 Ingo Schwarze wrote:
>  Security-wise, PDF is
> one of the most dangerous file formats, nowadays.

That is true if the pdf reader you are using is configured to action all the 
extra bits which Adobe added to the standard (i.e. forms, flash and 
javascript). Without these "extras" it has the same risks as any other 
application consuming input from the web with regard to buffer overflows 

I certainly would not use Adobe's Reader, slow and dangerous.
Without these extras it is simply instructions to place marks on a canvas, 
much like svg, except that allows javascript. If you use gv to view postscript 
from the web you are actually running a postscript program in ghostscript 
so the attack surface is likely to be larger.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]