6 Dec
2007
6 Dec
'07
1:02 a.m.
On Dec 5, 2007, at 2:50 PM, Kevin Van Vechten wrote:
Absolutely. Helper tools require a setuid executable bit to be set; they're also inherently less secure -- every environment variable used by every library linked against is a potential source of attack. Launch-on-demand helpers start from a clean environment, avoiding this class of vulnerabilities.
I get that, but I'm talking about what the user sees on their screen, not the under-the-hood stuff they know nothing about.