On Wed, Jul 09, 2008 at 12:39:07PM +0200, Vincent Lefevre <[EMAIL PROTECTED]> wrote:
> On 2008-07-09 11:01:03 +0200, Mike Hommey wrote:
> > On Thu, Jul 03, 2008 at 03:56:18PM +0200, Vincent Lefevre <[EMAIL PROTECTED]> wrote:
> > > On 2008-07-02 20:05:11 +0200, Mike Hommey wrote:
> > > > Please run with the following environment variable set, and send output
> > > > here:
> > > >
> > > > NSPR_LOG_MODULES=HelperAppService:5
> > >
> > > Attached. Though evince doesn't appear in the contents, it is really
> > > evince that has been run (and appears in ps output).
> >
> > I see what is happening. There is no security issue there, only
> > inconvenience.
>
> There is *potential* security/data-loss problem, because the following
> points are cumulated:
> 1. Firefox runs a program (evince) while announcing something else.
> 2. The end user doesn't necessarily know that and doesn't necessarily
>    even know GNOME's evince (he doesn't necessarily run GNOME: this
>    is my case).
> 3. Because of point 2, the end user may have installed a program
>    (possibly written by himself) named "evince" that could do
>    destructive things. Of course, you may wonder whether or not this
>    is likely to occur somewhere in practice, but "évince" is a French
>    word that means "oust".

If the user has a program named "evince" in his $PATH, *and* the evince
package is installed (which is already a condition to have it run because
of /usr/share/applications/evince.desktop), he probably has other random
problems with other applications. Your scenario is *very* unlikely.

I do agree, however, that the inconvenience is to be addressed.

Mike
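
The name collision debated in this thread can be checked for directly; the following is an added example, not part of the original messages or of any project's code. It assumes the desktop entry's `Exec=` key names a bare command that is looked up in `$PATH`; the function names and status words are made up for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread): function names and the status words
# UNIQUE/SHADOWED/MISSING/ABSOLUTE are made up for this illustration.

# Print the command word of the first Exec= line in a desktop entry.
# Arguments and field codes such as %U are dropped.
desktop_exec_cmd() {
    sed -n 's/^Exec=[[:space:]]*\([^[:space:]]*\).*/\1/p' "$1" | head -n 1
}

# Print every executable file named $1 in the colon-separated list $2,
# in lookup order; the first line is the one a PATH search would run.
path_candidates() {
    pc_old_ifs=$IFS
    IFS=:
    set -f                               # no globbing while splitting
    for pc_dir in $2; do
        [ -n "$pc_dir" ] || pc_dir=.     # empty component means current dir
        if [ -f "$pc_dir/$1" ] && [ -x "$pc_dir/$1" ]; then
            printf '%s\n' "$pc_dir/$1"
        fi
    done
    set +f
    IFS=$pc_old_ifs
}

# Print one status line for desktop file $1 under search path $2.
check_desktop_entry() {
    ce_cmd=$(desktop_exec_cmd "$1")
    [ -n "$ce_cmd" ] || return 0
    case $ce_cmd in
        /*) printf 'ABSOLUTE %s\n' "$ce_cmd"; return 0 ;;
    esac
    ce_found=$(path_candidates "$ce_cmd" "$2")
    if [ -z "$ce_found" ]; then
        printf 'MISSING %s\n' "$ce_cmd"
        return 0
    fi
    ce_first=$(printf '%s\n' "$ce_found" | head -n 1)
    if [ "$ce_found" = "$ce_first" ]; then
        printf 'UNIQUE %s -> %s\n' "$ce_cmd" "$ce_first"
    else
        printf 'SHADOWED %s -> %s\n' "$ce_cmd" "$ce_first"
    fi
}

# Usage: sh thisfile /usr/share/applications/*.desktop
for ce_file in "$@"; do
    check_desktop_entry "$ce_file" "$PATH"
done
```

A `SHADOWED` line means more than one directory in the search path supplies the command and shows which copy would run. Where `/bin` and `/usr/bin` are the same directory, the packaged binary is reported this way too, so compare the paths before treating a hit as a finding.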