[PD] [file]
IOhannes m zmoelnig
zmoelnig at iem.at
Tue Aug 31 16:07:46 CEST 2021
On 8/31/21 3:50 PM, Christof Ressi wrote:
>> Has this any security implications?
> Generally, every single external is a potential security risk since it
> contains arbitrary code.
what i forgot to say:
even with my proof-of-concept exploit (regardless of whether it actually
works), i don't think there is anything inherently wrong with that.
if we consider Pd as a programming language, then it should be possible
to write all kinds of code.
e.g. you could write a Pd-patch that cleverly uses beta- and zeta-waves
to hypnotize people and make them give you all their money - no
filesystem access involved.
or just play some very loud sounds, right after you completed your ENT
degree.
having said that, the idea of a "sandboxed" Pd might be interesting.
> Maybe [zexy] contains a backdoor for the NSA,
> who knows?
i do.
gfamsdr
IOhannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.puredata.info/pipermail/pd-list/attachments/20210831/2db8c8a4/attachment.sig>
More information about the Pd-list
mailing list