It's sickening to contemplate .leo files that execute malicious scripts in
@script nodes. This is an existential threat to Leo's reputation.
Rev 6574 corrects a major security vulnerability: it prohibits setting
@bool scripting-at-script-nodes = True in local (non-settings) files.
But this is not good enough. Leo must require that an environment
variable, say leo-startup-scripting, be True. That will prevent any .leo
file from enabling startup scripting all by itself. I'll add this
additional lock today.
Alas, malicious .leo files can still "deliver" malicious scripts in other
ways, for example, by creating an @button node ("press me!") that runs a
malicious script directly, or worse, sets leo-startup-scripting to True!
Edward
--
You received this message because you are subscribed to the Google Groups
"leo-editor" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/leo-editor.
For more options, visit https://groups.google.com/groups/opt_out.
