On Tue, Aug 23, 2016 at 1:56 AM, Random832 <random...@fastmail.com> wrote: >> And any GUI that automatically calculates thumbnails from >> image files (this includes Windows, Mac OS, and more than one Linux >> window manager) could potentially be attacked via a malformed file, >> simply by having it appear on the file system. > > This has nothing to do with the filename, unless you additionally assume > that this will only happen if the file is called .jpg
It generally will (or rather, only if the file has one of a particular set of extensions). Automatic thumbnailing is usually done only for certain file names. I don't know of anything that opens every single file to see if it has a JFIF signature (etc for PNG and whatever other types). ChrisA -- https://mail.python.org/mailman/listinfo/python-list
