On 17 October 2016 at 20:20, Geo DrinX <geodr...@gmail.com> wrote:
> Ok, I will try to be more clear (compatibly with my bad English).
> Look at this: https://goo.gl/WR8LVF
> In this project, since now, they (public administration) are using QGIS.
> But, they have today BIG PROBLEMS with crashes.
> In the next version of the system, the NEED to have a secure program (and
> possibly open source).
> QGIS now is NOT secure. I explained enough ?
> Now you understand what's at stake?
I'll just throw this up here for reference:
That's not even loading python code, just loading a TAB data file into
the program! ;)
> I hope so. Now somebody wants to see with me how to make sure QGIS
> decently ?
> Thank you
> 2016-10-17 11:56 GMT+02:00 Matthias Kuhn <matth...@opengis.ch>:
>> Hi all,
>> I like the *idea* of sandboxing.
>> And we all know and agree it's a complex topic. Hard to impossible to
>> get right (let's admit also that security is always something gray and
>> not black and white - unless the network plug is removed and the room
>> isolated with tin foil). This on the other hand doesn't mean that there
>> are some approaches which are just wrong by design.
>> There is also the question about the level on which sandboxing should
>> happen. E.g. distributing the app with flatpak and relying on its portal
>> mechanism  might at one point in the future be a way to get sandboxing.
>> One can also run the app inside some other virtualized environment or
>> even separate physical machine already now for isolation.
>> Maybe Pypy is a way to get there as well from the python side. I don't
>> know. But Nathan is absolutely right that the API offered by Qt builds a
>> big attack surface for which someone has to first bring up a sensible
>> idea for how to lock attackers down without restricting possibilities
>> offered for plugins. Or how to safely decide if running code from
>> external shared libs like the processing lwgeom provider does  is
>> something safe to do or not.
>> If someone seriously wants to follow this route:
>> Be prepared to work with specialists in this area and do serious
>> research about possibilities and feasibility first.
>> Be prepared to maintain a separate distribution of QGIS with restricted
>> python access and reduced plugin functionality.
>> Be prepared to get a very big sponsor to back the effort.
>>  https://github.com/flatpak/flatpak/wiki/Portals
>>  https://plugins.qgis.org/plugins/processinglwgeomprovider/
>> Qgis-developer mailing list
>> List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer
>> Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-developer
> Qgis-developer mailing list
> List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer
> Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-developer
Qgis-developer mailing list
List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer