LibTiff Mailing List
TIFF and LibTiff Mailing List Archive
August 2008
Previous Thread
Next Thread
Previous by Thread
Next by Thread
Previous by Date
Next by Date
Contact
The TIFF Mailing List Homepage
This list is run by Frank Warmerdam
Archive maintained by AWare Systems
Thread
2008.08.31 21:51 "Re: Some security fixes from RHEL", by Bob Friesenhahn
On Sun, 31 Aug 2008, Rogier Wolff wrote: > On Sun, Aug 31, 2008 at 10:38:01AM -0500, Bob Friesenhahn wrote: >> If an application needs to be secure/stable in the face of hostile >> files then it should not link against libtiff. > end. Some malicious user might send invalid tiff files. The programs you list: gqview, GIMP, ImageMagick, and Hylafax are not safe to use when faced with files from malicious users. Even if the maintainers of these (huge) packages respond reasonably quickly and responsibly when they become aware of a security issue, you are severely mislead if you believe that this causes them to be secure. If you are running a server based on this complex software and it consumes files uploaded by potentially malicious users, then you should take precautions to prevent calamity if the software is convinced to something terribly wrong. Likewise, end users should take care regarding files they open from people they don't already intend to trust. > My system lists 199 packages as depending on libtiff. Over half cannot > guarantee that they won't be run on data from the internet. > > For the record, I find your statement rediculous. Unfortunate perhaps, but not rediculous. The application I maintain (GraphicsMagick) already has an security exposure of over 1.1 million lines of code. Modern ImageMagick likely doubles or quadruples this exposure. Do you care to thoroughly inspect all of this code? Bob ====================================== Bob Friesenhahn bfriesen@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer, http://www.GraphicsMagick.org/