On Sun, 2 Mar 2003, Ivan Popov wrote:

> Hello,
> having read the statement about dillo being a secure browser,

It tries to be!

> I want to draw your attention to the bookmarks plugin interface, which is exploitable in different ways.
> I submitted it as a bug and mentioned denial-of-service only, but creating predictably named sockets in /tmp opens up other possible attacks (e.g. spoofing your bookmarks) as well.
> I realize dillo and the plugins are evolving at a fast rate, but this issue can (and should?) be fixed even at the early stages of development.

Probably (soon) socket file descriptors will reside in /tmp/dillo and use temporary filenames, or something akin (this also solves the problem of a pre-existing file with the same name).

> Thanks for the great software! I appreciate dillo - it is small, fast and functional.

Thanks for your nice comments too.

Cheers
Jorge.-
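The fix sketched in the reply (a private directory under /tmp with temporary, non-predictable names, and refusing to reuse a pre-existing file) can be shown concretely. The following C is an added example written for this thread; it is not dillo's own plugin code. It assumes a per-run directory named `dillo-XXXXXX` under `$TMPDIR` (or /tmp) rather than the fixed `/tmp/dillo` mentioned above, and the socket file name `bm.sock` is made up for illustration. `mkdtemp(3)` creates the directory with mode 0700 and an unpredictable name, and `bind(2)` on an AF_UNIX path fails with `EADDRINUSE` if anything already exists there, so the code never `unlink()`s first. A client-side check that a socket path is a real socket, owned by the caller, inside a directory only the caller can access, is included as the complementary defensive test.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* Create a listening AF_UNIX socket inside a fresh private directory.
 * mkdtemp(3) picks an unpredictable name and creates the directory with
 * mode 0700, so other local users can neither guess the socket path in
 * advance nor pre-create a file there (the two problems raised above).
 * On success returns the listening fd and writes the socket path into
 * out_path; returns -1 on any failure.  Names are assumptions for this
 * example, not dillo's real ones. */
int dillo_secure_socket(char *out_path, size_t out_len)
{
    const char *tmp = getenv("TMPDIR");
    char dir[sizeof(struct sockaddr_un)];
    struct sockaddr_un addr;
    int fd, n;

    if (tmp == NULL || *tmp == '\0')
        tmp = "/tmp";
    n = snprintf(dir, sizeof dir, "%s/dillo-XXXXXX", tmp);
    if (n < 0 || (size_t)n >= sizeof dir)
        return -1;
    if (mkdtemp(dir) == NULL)           /* atomic create, mode 0700 */
        return -1;

    memset(&addr, 0, sizeof addr);
    addr.sun_family = AF_UNIX;
    n = snprintf(addr.sun_path, sizeof addr.sun_path, "%s/bm.sock", dir);
    if (n < 0 || (size_t)n >= sizeof addr.sun_path) {
        rmdir(dir);
        return -1;
    }

    fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) {
        rmdir(dir);
        return -1;
    }

    /* bind(2) on AF_UNIX fails with EADDRINUSE if the path already exists.
     * Deliberately no unlink() beforehand: a planted file is never silently
     * replaced, which is the "pre-existing file" case from the thread. */
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) < 0 || listen(fd, 5) < 0) {
        close(fd);
        unlink(addr.sun_path);
        rmdir(dir);
        return -1;
    }
    if (out_path != NULL)
        snprintf(out_path, out_len, "%s", addr.sun_path);
    return fd;
}

/* Client-side check before connect(2): the path must be a socket owned by
 * us, inside a directory owned by us with no group/other permissions.
 * Returns 0 if the path passes, -1 otherwise. */
int dillo_check_socket_path(const char *path)
{
    struct stat st;
    char dir[sizeof(struct sockaddr_un)];
    char *slash;

    if (lstat(path, &st) < 0 || !S_ISSOCK(st.st_mode) || st.st_uid != getuid())
        return -1;
    if (snprintf(dir, sizeof dir, "%s", path) >= (int)sizeof dir)
        return -1;
    slash = strrchr(dir, '/');
    if (slash == NULL || slash == dir)
        return -1;
    *slash = '\0';
    if (lstat(dir, &st) < 0 || !S_ISDIR(st.st_mode) || st.st_uid != getuid() ||
        (st.st_mode & (S_IRWXG | S_IRWXO)) != 0)
        return -1;
    return 0;
}

/* Remove the socket and its private directory; returns 0 on success. */
int dillo_socket_cleanup(int fd, const char *path)
{
    char dir[sizeof(struct sockaddr_un)];
    char *slash;

    close(fd);
    if (unlink(path) < 0)
        return -1;
    if (snprintf(dir, sizeof dir, "%s", path) >= (int)sizeof dir)
        return -1;
    slash = strrchr(dir, '/');
    if (slash == NULL)
        return -1;
    *slash = '\0';
    return rmdir(dir);
}

int main(void)
{
    char path[256];
    int fd = dillo_secure_socket(path, sizeof path);
    if (fd < 0) {
        perror("dillo_secure_socket");
        return 1;
    }
    printf("listening on %s (check=%d)\n", path, dillo_check_socket_path(path));
    return dillo_socket_cleanup(fd, path) == 0 ? 0 : 1;
}
```

The client check matters because the plugin side of the interface has to trust a path it did not create: verifying the owner and the 0700 parent directory closes the spoofing case the report mentions, and the server side's refusal to `unlink()` closes the denial-of-service case.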