Hi, > On Wed, Nov 23, 2016 at 5:03 PM, Carlos Garnacho <carlosg(a)gnome.org> wrote: > > I'm objecting to whatever piece of software opens thoroughly untrusted > files out of ~/Downloads and parses them. If that's not "Tracker", > then I apologize. > > > Firefox is a big piece of code that loads untrusted stuff. It's > written in a memory-unsafe language, and there's a big team working on > fixing that. It's not sandboxed, and there's a project to fix that. > And it's still a major attack vector, but at least it has a very > serious security team. Sounds great, do they also get the blame for gstreamer bugs? I've got lots of fun so share ;). According to you Firefox is just as insecure, and I can tell that Firefox uses GStreamer to open untrusted content over the internet. Why downloading the file at all, you could be tricked into a webpage that auto-plays the infected content, it could even be an ad unbeknownst by the site, you got every bit as infected and Tracker wasn't involved, using the exact piece of sofware as attack vector that we're talking nowadays. Actually, nice comparison, Tracker and Firefox share 90% of the underlying 3rd party libraries to implement support for every format (jpegs, gifs, pdfs, videos, you name it), whatever security bug is found in those libraries will affect Firefox and Tracker equally. And as for the projects themselves, Tracker is a fraction of Firefox in terms of code size, and tracker-extract inside Tracker is another fraction. That makes a whole lot difference between auditing or securing a *web engine* and a process that essentially iterates over files. Why is Firefox then any more credible? Must be the serious looks of their security team. > > The fact that flatpak integration is being planned is great. I hope > that flatpak has an exceedingly strict mode for applications like > this. > > Tracker is just as exposed as Firefox because it (or some piece of it > or whatever) parses stuff in Downloads. Tracker-extract is not as exposed as Firefox, because the file needs being in the local filesystem for starters. The web world is well known for figuratively throwing 3rd party media content to your face, even in otherwise trusted websites. Anyway, the dead horse took its beating, things won't get done just talking, I'm back to work. Cheers, Carlos _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
