Hi Hanno. Thanks for bringing it up.
On Mo, 2016-12-05 at 14:03 +0100, Hanno Böck wrote: > The core problem here is that tracker automatically parses files of > potentially unknown origin with parsers that haven't been built with > security in mind. This happens without any sandboxing. Right. But sandboxing the parsers properly would mitigate most of the problems, right? I know too little about Tracker's architecture to be able to estimate how much of a problem it would be to have the parsers run in a sandbox. I hope it's an easy change to make and it may be even planned already. Let's hope someone from the Tracker team can comment. Cheers, Tobi _______________________________________________ desktop-devel-list mailing list desktop-devel-list@gnome.org https://mail.gnome.org/mailman/listinfo/desktop-devel-list
