On 8/31/21 3:50 PM, Christof Ressi wrote:
Has this any security implications?Generally, every single external is a potential security risk since it contains arbitrary code.
what i forgot to say:even with my proof-of-concept exploit (regardless of whether it actually works), i don't think there is anything inherently wrong with that. if we consider Pd as a programming language, then it should be possible to write all kinds of code. e.g. you could write a Pd-patch that cleverly uses beta- and zeta-waves to hypnotize people and make them give you all their money - no filesystem access involved. or just play some very loud sounds, right after you completed your ENT degree.
having said that, the idea of a "sandboxed" Pd might be interesting.
Maybe [zexy] contains a backdoor for the NSA, who knows?
i do. gfamsdr IOhannes
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ [email protected] mailing list UNSUBSCRIBE and account-management -> https://lists.puredata.info/listinfo/pd-list
