# RootPrompt.org   Nothing but Unix.[Home] [Features] [Programming] [Mac OS X] [Search]

 Call components safely

Clicking on a hypertext link while viewing a PDF file shouldn't be a security problem as long as you trust the viewer it invokes. But users of xpdf version 0.90 discovered that this assumption was an extremely bad one. When an xpdf user clicked on a hypertext link, xpdf started up a viewer (Netscape by default) and sent the URL to the viewer. So far, so good. But the xpdf developers decided to start up the viewer by using the system() call. That was the bad idea.

 (Submitted by Anonymous Tue Dec 28, 2004 )


Our content can be syndicated: Main page Mac Page

Copyright 1999-2005 Noel Davis. Noel also runs web sites about sailing and kayaking.
All trademarks are the property of their owners.
All articles are owned by their author