LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for August 28, 2008

Fedora, Red Hat, and distributor security

LWN.net Weekly Edition for August 21, 2008

Standards, the kernel, and Postfix

In defense of Ubuntu

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

X at OLS

X at OLS

Posted Aug 3, 2004 14:12 UTC (Tue) by kzin (subscriber, #841)
In reply to: X at OLS by chepelov
Parent article: X at OLS

The browser would have to open and read the JPEG file anyway before sending it to the X server, for a variety of reasons, not the least of which being security.

(Log in to post comments)

X at OLS

Posted Aug 5, 2004 9:07 UTC (Thu) by renox (guest, #23785) [Link]

Can you elaborate?
I'm not sure how decompressing a JPEG file may be a security problem, either it decompress correctly or it doesn't and the X Server should return an error to the browser, but how is this a security problem?

Of course in case of decompression error, there is a loss of performance due to the unneeded transfer of the JPEG, but errors should be very rare..

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds