davidk added a comment.

  In https://phabricator.kde.org/D8532#175079, @ossi wrote:
  
  > you *really* should use a whitelist. it's ok if that breaks some 3rdparty extractor; you'll get a bug report which you can properly evaluate.
  >  you could go totally overboard and assign fine-grained syscall capabilities to individual extractors, but i can't really think of legitimate reasons why that would be necessary in this context.
  
  
  It would be more secure, of course. But the downside is a higher maintenance cost, as one needs to check whether the filter works for every Qt version, because if a Qt function starts using another syscall, Baloo may get problems.
  I'm not sure which way to go here.
  
  I think we cannot use different (less strict) filters for different extractors, as a child process has at least the same restrictions as its parent process. Making filters for external extractors more strict would be possible, but I doubt it would be useful.

REPOSITORY
  R293 Baloo

REVISION DETAIL
  https://phabricator.kde.org/D8532

To: davidk, apol, ossi
Cc: #frameworks

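The seccomp inheritance behaviour discussed in the comment above, shown as an added example that is not part of the original thread or of Baloo's code: a filter installed by a parent is inherited by a forked child, and the child can only stack a stricter filter on top. It assumes Linux with seccomp-BPF; `deny_syscall`, `extractor` and `demo` are hypothetical names, `getppid`/`getuid` are arbitrary probe syscalls, and a one-syscall EPERM rule is used for brevity instead of a whitelist.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stack a filter failing syscall nr with EPERM. Minimal: real filters also check arch. */
static int deny_syscall(long nr) {
    struct sock_filter prog[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (unsigned int)nr, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog fprog = { .len = 4, .filter = prog };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}
static int blocked(long nr) { return syscall(nr) == -1 && errno == EPERM; }
static int wait_status(pid_t pid) {               /* exit status, or -1 */
    int st;
    return (pid > 0 && waitpid(pid, &st, 0) == pid && WIFEXITED(st)) ? WEXITSTATUS(st) : -1;
}

/* Hypothetical extractor child: returns a bitmask of what it observed. */
static int extractor(void) {
    int r = blocked(SYS_getppid) ? 1 : 0;                              /* inherited */
    if (deny_syscall(SYS_getuid) == 0 && blocked(SYS_getuid)) r |= 2;  /* made stricter */
    if (blocked(SYS_getppid)) r |= 4;                     /* parent's filter still active */
    return r;
}

/* Forks a sandbox process so the caller itself stays unfiltered; 15 = all four hold. */
int demo(void) {
    pid_t sandbox = fork();
    if (sandbox == 0) {
        if (deny_syscall(SYS_getppid) != 0) _exit(64);   /* seccomp unavailable */
        pid_t child = fork();
        if (child == 0) _exit(extractor());
        int r = wait_status(child);
        if (r >= 0 && !blocked(SYS_getuid)) r |= 8;      /* child's filter stayed in child */
        _exit(r & 0xff);
    }
    return wait_status(sandbox);
}
int main(void) { return demo() == 15 ? 0 : 1; }
```

A result of 64 from `demo()` means the kernel or container refused to install the filter, not that inheritance failed.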