On Tue, Jul 18, 2017 at 06:15:20PM +0000, Daniel Abrecht wrote:
> Since thumbnails have to be generated somehow, they need some kind of
> generator. To use plugins, which are resembled by executables in this
> case, is a perfectly fine approach for this.

Uhm, but why? I can understand a thumbnail for an image file: it may be
useful to see what's inside without having to open it. But there's a limit
to thumbnailing. If it's an .exe, give it an icon that says "EXE" (or a
broken four-panelled window image), and that's it.

> The real problem is that despite it's well known that thumbnail
> generators have a really big attack surface, nothing has been done to
> limit the impact of vulnerabilities in thumbnail generators.
[...]
> My guess on why no one actually does this is because it would break any
> existing thumbnailer and programs like imagemagick couldn't be used for
> thumbnail generation anymore.

Actually, imagemagick is one of the worst offenders here. The version in
Jessie is at deb8u9, and every security update tends to mention ~20 CVEs.

-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ A dumb species has no way to open a tuna can.
⢿⡄⠘⠷⠚⠋⠀ A smart species invents a can opener.
⠈⠳⣄⠀⠀⠀⠀ A master species delegates.
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng