Running in DispVM can prevent some class of attack that extracts data using techniques like path traversal, XXE (hmm, …) or other attacks below RCE.
Regards, Vít Šesták 'v6ak' On Wednesday, November 15, 2017 at 12:07:21 AM UTC+1, Marek Marczykowski-Górecki wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On Tue, Nov 14, 2017 at 12:37:27PM -0500, Michael Carbone wrote: > > Hi folks, > > > > A colleague at CIRCL recently released ODFCleaner: > > > > https://github.com/CIRCL/ODFCleaner > > > > Could be worth exploring integration as an additional feature similar to > > Convert to trusted PDF. > > Well, this indeed could be useful. Also, running such tool in DispVM > makes sense. But the security model here is very different than PDF > converter. In PDF converter we have two parts: > - complex one: rendering PDF in DispVM, returning "simple > representation" > - simple one - running in calling VM, responsible for parsing > trivial(!) format returned data from the first part and assembling it > back into PDF > > In ODFCleaner I don't see any simple representation in between. So, if > that code got exploited(*), the resulting file may still be hostile. > So, running this tool in DispVM may be useful to guard file-storing VM. > But it will not guarantee that the output file is safe. > > (*) which is IMO less likely for this code, than for full LibreOffice. > > - -- > Best Regards, > Marek Marczykowski-Górecki > Invisible Things Lab > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2 > > iQEcBAEBCAAGBQJaCBAhAAoJENuP0xzK19csVNwH/RdxcXuwAQzj8qeNW+q+APQm > 61bAvYpuUo9dmzF+t3rTxfiWUGDygKDhIu7M1UJL7QTCGeHZxjrsERx8luIg6+hy > ig7pm4sKHhnA/oA+EP54KudWYwJ7KGCDfs1nuZO6LEUC3NXsrFuFAc1yAQmVYkn2 > XWo0E1gkBrVt8TG2Z4Dq/7ueFl0G63b00vuo4V4gA4uUV0i/5whnmGtmZqbwBvx3 > yQDcCUmeNbESQXfxI79s/QlD8CKyNQCBld1dLxG/8aJCTmKXbS6Pwv+94xCtL6ht > 5lGL8XhH7yb8a/6I2V7O5AyapylOEt6xUkYV8KxVUiDzsASRmdT+8bF8Mlu/CI8= > =v/S/ > -----END PGP SIGNATURE----- > -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/f376b143-8106-4424-bee7-3157b479a41e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
