Firefox3.1/Downloadable Fonts Security Review: Difference between revisions

Firefox3.1/Downloadable Fonts Security Review (view source)

220 bytes added , 3 September 2008

241

edits

@@ Line 10: / Line 10: @@
 == Security and Privacy ==
-* What security issues do you address in your project?
+The major concern with the introduction of this feature is that it exposes our text rendering code and the platform-specific libraries we use to attack via intentionally corrupt fonts.  Evil fonts could already cause these problems with our code currently but adding support for downloadable fonts makes this far easier.  Possible risk areas: handling font names, reading the character map, handling metrics, catching errors when drawing with bogus glyph data.  Within our source tree this could affect code within gfx/thebes, gfx/cairo and within layout code.
-* Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing?
-* Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project.
 == Exported APIs ==