[PD-dev] writing exploits in Pd (Re: [PD] [file])
IOhannes m zmoelnig
zmoelnig at iem.at
Tue Aug 31 16:51:00 CEST 2021
On 8/31/21 4:37 PM, Antoine Rousseau wrote:
>>
>> i wonder whether it would be possible (with Pd>=0.42) to create a patch
>> that creates a gui-plugin on the fly.
>> if this is true, then you can already do everything that [file] allows you
>> to do - and much more
>
>
> yes, but [file] will be extremely useful in the "-nogui" and libpd contexts.
yes definitely. and much more.
i didn't write [file] to write exploits but to be useful.
>
> BTW, and about the "exploits", I'm wondering if this would be feasible to
> implement a safety lock callable from a libpd based application, that would
> restrict the write permission (of every Pd object) to a given list of
> directories.
we could probably restrict `sys_open` and friends.
however, externals are free to *not* use `sys_open` so that could be
easily circumvented.
mfgasdr
IOhannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.puredata.info/pipermail/pd-dev/attachments/20210831/c7d6fb7f/attachment.sig>
More information about the Pd-dev
mailing list