On 6 March 2018 at 14:06, Kevin Kofler <kevin.kof...@chello.at> wrote:
> Mitch Curtis wrote:
> > https://codereview.qt-project.org/#/c/221758/ makes
> > QObject::dumpObjectTree() and QObject::dumpObjectInfo() invokable so that
> > they can be used from QML.
> Would this have any security impact? I'm thinking of issues like ASLR
> or other information leakage, if these end up being invokable from
> scripts. Or is all the information contained there already available to
QML is not safe to run untrusted scripts period.
Development mailing list