Mailinglist Archive: opensuse-factory (1029 mails)

< Previous Next >
Re: [opensuse-factory] Let's keep acroread for pure reasons of usability.
  • From: Marguerite Su <i@xxxxxxxxxxxxx>
  • Date: Fri, 8 Nov 2013 10:13:16 +0800
  • Message-id: <CAK0PdAnQFySE3hZHFBXXhHyAGdgwe=Qbq15j40-s9k9ksY2wEg@mail.gmail.com>
On Fri, Nov 8, 2013 at 6:20 AM, Christian Boltz <opensuse@xxxxxxxxx> wrote:
I don't know about the exact security risks - maybe someone from the
security team knows more details.

With an AppArmor profile, you can make sure that acroread only reads
*.pdf files and doesn't read or modify random files on your disk. You
can also forbid networking - but this doesn't sound too useful when you
need to submit a form online ;-)

Anyway, I'll attach my AppArmor profile for acroread. It's not as tight
as it could be (and I'll probably do some changes to it now that I know
acroread won't get security updates anymore), but it's a good start.
Be warned that you will need to change it - for example I'm quite sure
your home directory is not /home/cb/ ;-)

Note: the profile only covers the binary, not the wrapper script.

Security flaws are not judged by whether there're workarounds...

You can have a entry on Release Note mention: ha, something doesn't
work...here's how to get it work. But you can't say: ha...we are
potential targets for...well here's how...

It'll mean: we're insecure by default...that's crazy and insane...of
course almost 90% of network tools' security flaws can be "fixed" by
disconnection from network...I don't wanna look like a troll but
that's an extreme example...

And I don't think a public hearing on a puclic mailing list for
explanations of what those security flaws are or where they're is a
_good_ idea...maybe we can open a _close_ security bug report?

Marguerite
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread