Re: Nautilus html thumbs



*yawn* This is why we need syscall mandatory access controls by default
in every distribution. Would stop exploit vectors like this dead in
their tracks.


On Fri, 2004-03-05 at 08:43, Jerry Haltom wrote:
> I just want to be the only one asking questions about this. Is this
> really a good idea? How safe is gtkhtml? I ask because there have been
> at least 5 viruses on Windows that I know of that exploit this exact
> same thing. Find exploit in Exporter, put file on disk, wait until
> somebody browses it, exploit. I think before something like this makes
> it into Gnome somebody needs to have this discussion. :)
> 
> On Mon, 2004-02-23 at 06:29, Nadav Rotem wrote:
> > Hi,
> > 
> > I am trying to implement Nautilus html thumbs using gtkhtml. I decided
> > to render the html file to a widget and than save it to a file. I have a
> > few problems with that. I need to be able to render the widget off the
> > screen and still be able to save it. 
> > 
> > I looked into fake_expose_widget()  from 
> > control-center-2.5.3/capplets/common/theme-thumbnail.c
> > and also from
> > /epiphany-1.1.9/lib/egg/egg-editable-toolbar.c
> > 
> > I am able to render simple widgets such as lables, and buttons. More
> > complex widgets such as containers need special handling, that I can do.
> > I need to loop
> > through each component and render it. In the case of gtkhtml, I do not
> > know the structure of the widget and it does not get rendered when I
> > call fake_expose_widget() on it. 
> > 
> > Is there a known fix? Is there any other way to save the canvas? (gnome
> > print maybe?)
> > 
> > -Nadav Rotem
> > Attached: the code

Attachment: signature.asc
Description: This is a digitally signed message part



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]