On Sun, 27 Jan 2013 19:05:29 +0000
"Carlos R. Mafra" <[email protected]> wrote:

> Ok, thanks a lot for clarifying it. Having this symmetry on how to include
> the generated menu makes sense for me.
>
> But how safe is this if one tries to abuse it? Say generate a huge file
> to get a buffer overflow etc. I'm also worried about generating a "menu"
> with 'rm -rf $HOME' or something like that.
>
> I usually don't think about ways to destroy things, but since WMRootMenu
> is easy to edit someone might be inspired to attack wmaker users this
> way.

Well sure, someone could do this (the program would run in user context). But if you take a look at the current code, popen is run already, so the moving/cleaning of the code does not really change the attack vector. The output from popen is written to a growing buffer so in theory you could cause an OOM on it.

I am open to fixing any buffer overflow bugs that are pointed out. At least valgrind is happy on the loop as it is now.

- Andreas

-- 
BR
Andreas Bierfert, M.Sc. | phone: +49 6897 1721738 | GPG: C58CF1CB
[email protected] | fax: +49 6897 1722828 | signed/encrypted
http://lowlatency.de | cell: +49 170 9665206 | mail preferred
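
Added example, not part of the original message and not wmaker's code: one way to bound the growing buffer that holds popen output, so an oversized generated menu is rejected instead of exhausting memory. The function name `read_cmd_capped`, the 4096-byte limit and the `echo` command are assumptions for illustration.

```c
#define _POSIX_C_SOURCE 200809L /* declares popen/pclose */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not wmaker code: run cmd through popen() and return
 * its output NUL-terminated, or NULL on failure or if the output exceeds
 * max_bytes (assumed far below SIZE_MAX). *out_len receives the length. */
char *read_cmd_capped(const char *cmd, size_t max_bytes, size_t *out_len)
{
    char chunk[256], *buf, *tmp;
    size_t cap = sizeof chunk, len = 0, n;
    FILE *fp = popen(cmd, "r");
    if (!fp)
        return NULL;
    if (!(buf = malloc(cap + 1)))
        goto fail;
    while ((n = fread(chunk, 1, sizeof chunk, fp)) > 0) {
        if (n > max_bytes - len)        /* over the limit: stop reading */
            goto fail;
        if (len + n > cap) {            /* grow, but never past the limit */
            while (cap < len + n)
                cap *= 2;
            if (cap > max_bytes)
                cap = max_bytes;
            if (!(tmp = realloc(buf, cap + 1)))
                goto fail;
            buf = tmp;
        }
        memcpy(buf + len, chunk, n);
        len += n;
    }
    pclose(fp);
    buf[len] = '\0';
    *out_len = len;
    return buf;
fail:
    pclose(fp);                         /* closing the pipe also stops the child */
    free(buf);
    return NULL;
}

int main(void)
{
    size_t len;
    char *out = read_cmd_capped("echo constructed-entry", 4096, &len); /* constructed input */
    if (out)
        printf("%zu bytes: %s", len, out);
    free(out);
}
```

The cap only addresses memory growth; whatever command the menu file names still runs with the user's privileges, as the reply above notes.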
