Re: information request regarding security issues with Gtk
- From: Havoc Pennington <hp redhat com>
- To: Mordechai Ovits <movits bloomberg com>
- Cc: gtk-devel-list gnome org
- Subject: Re: information request regarding security issues with Gtk
- Date: 30 May 2001 22:09:06 -0400
Mordechai Ovits <movits bloomberg com> writes:
> I am trying to find information about potential security problems with Gtk.
> Have any serious audits been done to the source code? What problems can crop
> up?
GTK should not be security-sensitive code. You've probably already
read:
http://www.gtk.org/setuid.html
I'm not familiar with any other possible issues in GTK 1.2. The
development version (1.3.x) has some image loaders, there's a security
issue there for web browsers and the like reading images from the web;
before stable release an audit of those is likely. As with all
unstable software, 1.3.x should not yet be used in production.
Havoc
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]