On Sun, 19 Apr 2009, marti.ma...@littlecms.com wrote: > Regarding being more secure... well, this is color management > and not a security package, so probably Bob is right and all > this effort may be pointless. What do you think? Giving a MD5 > message digest would help? Do we need anything else?
Lcms is important to security since ICC profiles can be contained in random files from the Internet or other untrustable sources. This is the only path which is any serious concern. Printing subsystems may also use lcms and are likely to run as a different user than the person who submitted the job, and the person who submitted the job may have done so from another machine. The printing system should be designed to limit the impact of such bugs. I create MD5 checksums for GraphicsMagick files but only as a convenience for the user. In order for the MD5 checksum to be more than a convenience it needs to be separately available from a known secure source, or signed using some other means. For example your web site is likely more trusted than some site which claims to be a mirror site. A number of Linux (and maybe some *BSD and OS-X) distributions have security problems with their packaging systems in that while they may verify the downloaded file with a MD5 checksum, the MD5 checksum itself is not signed or validated in any way and can be very easily compromised. Commercial Linux (e.g. Red Hat & SuSe) are much more secure since they don't rely on volunteer mirror sites. This situation was documented in USENIX Login several months ago. Bob -- Bob Friesenhahn bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer, http://www.GraphicsMagick.org/ ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Lcms-user mailing list Lcms-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lcms-user
