Re: Image mode

[Chong Yidong]

"Lennart Borgman (gmail)" <address@hidden> writes:

> Richard Stallman wrote:
>
>> That is an interesting point.  Is it safe for firefox, and for eog or
>> qiv, to display a file without checking it?  If so, why in practice is
>> it safe?
>>
>> The answer can't be "Because people check every JPG file before they
>> try to display it using eog or qiv or firefox."  I don't -- I would
>> not know how.  And I am sure most other users would not know how to
>> check.
>>
>> So what is it in practice that prevents this from being a common way
>> for viruses to be introduced?
>
> That the image libraries are updated. Firefox updates itself or tells
> the user push a button to update Firefox whenever the authors of
> Firefox finds and fixes a security bug.

This may be true on Windows (I wouldn't know), but on GNU/Linux
systems, firefox relies on the same shared image libraries as everyone
else, and those are updated when the user updates the system
libraries; it is not initiated by Firefox.

The consensus seems to be that the way to handle the (hypothetical)
risk of security holes due to image library bugs is to patch the image
libraries if such bugs are found, NOT to hobble image display in
programs that use them.

As to why viruses haven't been very successful in propagating in this
way, I guess it's simply too difficult and impractical.  If the bug in
question is a buffer overrun in the image library, each exploit
probably needs to be targeted at particular applications using the
library, and there are much, MUCH easier targets than Emacs out there.

So I doubt we need to lose any sleep over this.