On Sat, 2016-12-17 at 01:58 +0200, Elad Alfassa wrote: > Also: perhaps it'll be easier to protect thumbnailers using a SELinux > policy? There already is such a policy. Back when WebKit used libsoup's disk cache, you could visit your cache directory and the totem thumbnailer would immediately try to load remote resources off the Internet to thumbnail them. SELinux would block that. The security context of /usr/bin/totem-video-thumbnailer is system_u:object_r:thumb_exec_t:s0 so SELinux must be doing something there. I think nobody ever fixed that. On Sat, 2016-12-17 at 01:58 +0200, Elad Alfassa wrote: > This should (in theory) be sufficient for most thumbnailers, apart > from the gdkpixbuf ones which don't run in an external process (it > should, at least theoretically, be easy to tear them out to an > external process if needed, though) Guess what Bastien did that earlier this week! It landed in gdk-pixbuf 2.36.1 so I guess it's coming to F25. Note there are a bundle of more traditional security fixes that landed just after that release.... Michael _______________________________________________ desktop mailing list -- desktop@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to desktop-leave@xxxxxxxxxxxxxxxxxxxxxxx
