[RFC] Security and Features in KPDF
Jason Keirstead
jason at keirstead.org
Mon Jan 3 20:02:05 GMT 2005
What are the usual kinds of command lines that users can execute from PDF
documents? I imagine they are usually just opening web browsers and media
players and other such things. Couldn't these normally be executed as a
non-priviliged user?
Why not allow the commands, but run them as the 'nobody' user by default, or a
simmilar non-priviliged user that is added at KPDF install time? Then the
user can't hose their system, and if they want, they can just go into KPDF
config and change the user to themselves, thus allowing full access for those
important PDF presentations :)
--
If you wait by the river long enough, eventually
you will see the bodies of all your enemies float by.
- Sun Tzu
More information about the kde-core-devel
mailing list