Security in the 20-teens
Posted Feb 11, 2010 14:32 UTC (Thu) by anselm
In reply to: Security in the 20-teens
Parent article: Security in the 20-teens
For a security perspective, the PNG decoder shouldn't have
access to network sockets..
The PNG decoder shouldn't be allowed to open new network sockets.
However, a file descriptor open for reading is a file descriptor open for
reading. It doesn't matter much whether there is a disk or a web server at
the other end.
to post comments)