[RFC] Security and Features in KPDF

Jason Keirstead jason at keirstead.org
Mon Jan 3 20:02:05 GMT 2005

What are the usual kinds of command lines that users can execute from PDF 
documents? I imagine they are usually just opening  web browsers and media 
players and other such things. Couldn't these normally be executed as a 
non-priviliged user?

Why not allow the commands, but run them as the 'nobody' user by default, or a 
simmilar non-priviliged user that is added at KPDF install time? Then the 
user can't hose their system, and if they want, they can just go into KPDF 
config and change the user to themselves, thus allowing full access for those 
important PDF presentations :)

If you wait by the river long enough, eventually
you will see the bodies of all your enemies float by.
    - Sun Tzu

More information about the kde-core-devel mailing list