|
Message-ID: <02db51d7-974a-53cf-d018-8982bed87da3@tnetconsulting.net> Date: Wed, 18 Oct 2023 17:31:07 -0500 From: Grant Taylor <gtaylor@...tconsulting.net> To: oss-security@...ts.openwall.com Subject: Re: with firefox on X11, any page can pastejack you anytime On 10/18/23 2:30 PM, Michael Orlitzky wrote: > That's the crux of it but I don't think it frees Firefox from > responsibility. Please elaborate on what Firefox's responsibility is here? > Despite the premise being contrary to common sense and fifty years > of evidence, Firefox promises to sandbox all of the bad things that > untrusted third-party code might do to you. So perhaps Firefox needs to change their statement / stance. Much like Google Chrome got sued over private browsing mode not preventing web servers of pages your visiting retaining logs. > Are there any other programs that run third-party code by default > and are not considered vulnerabilities? I'm sure there are many things that run third-party code that people are not aware are vulnerable. Email clients like Evolution come to mind. I would be shocked if OpenOffice / LibreOffice probably also qualify as programs on *nix systems that have the possibility of unexpectedly modifying the clipboard / selection buffers*. I saw an interesting thread -- I think on the Zsh mailing list -- talking about protecting end users from unexpected things that make sense in hindsight. E.g. shell globing expanding `*` into all files in the directory, including files with `-` at the start of their name and potentially if not likely altering the behavior of the command, probably in an undesirable way. I have to wonder how far programs / their programmers must go to protect users from themself. Where does the program's / programmer's responsibility stop and the users responsibility start? Aside: The thread in question brought up some interesting idea, including altering how things that start with unsafe characters -- though I wonder why not all files -- with `./` so the `-bob` file becomes `./-bob` when expanded. -- I wondered about prefixing globing with `--` which is the de-facto don't process anything after this as a command line flag. *To those who would complain about my use of the term "buffer" ... I agree that the primary and secondary selection $TERM doesn't contain the selected data, rather pointer to the program containing the data. But there is $SOMETHING that holds that information about where the selection is, a pointer of sorts. I'm taking the liberty of using the term "buffer" to refer to this location holding the pointer to the information. -- The clipboard is different and will retain data after the program that is the source of the data terminates, unlike the primary / secondary selection. -- Grant. . . . unix || die
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.