On Sun, Nov 23, 2014 at 21:13, Jonathan Thornburg wrote: > Libraries for loading/parsing/processing common image formats like > JPEG, PNG, GIF, TIFF, etc, have a long history of buffer overruns and > other security problems. This in turn has been reflected in various > exploits for command-line image-viewing tools like xv(1), xloadimage(1), > display(1) [ImageMagick], etc. > > Do we (OpenBSD) have any image-viewing software that's written to > OpenBSD-style security standards? Notably, do we have any image-viewing > software that's privilige-separated? (I.e., which does the (dangerous) > image parsing/processing in a separate process which is chrooted, sending > back bitmaps/pixmaps over a constrained channel to a display process?)
Well, you basically just described running any image viewer of choice as a different user and displaying it on your X session. X channels aren't entirely constrained, though you can play around with Xephyr or so.
