Hi all, On 14 November 2017 at 23:07, Marek Marczykowski-Górecki < [email protected]> wrote:
> Well, this indeed could be useful. Also, running such tool in DispVM > makes sense. But the security model here is very different than PDF > converter. In PDF converter we have two parts: > - complex one: rendering PDF in DispVM, returning "simple > representation" > - simple one - running in calling VM, responsible for parsing > trivial(!) format returned data from the first part and assembling it > back into PDF > > In ODFCleaner I don't see any simple representation in between. What about using pandoc? [1, 2] It would be possible to use markdown as the intermediate representation. I like that pandoc is almost entirely written in Haskell, so that rules out a large class of potential vulnerabilities. In fact, I'm not sure there would be much to be gained by using a disposable VM -- especially if the non-Haskell bits are disabled. Kind regards, Andrew [1] https://github.com/jgm/pandoc [2] https://pandoc.org -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/CAAXZBWL3nOx53gsu2uLypmZdXLbpHZA_N4%2BGQVtYK0FYwiymgQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
