oss-sec mailing list archives
Re: with firefox on X11, any page can pastejack you anytime
From: Michael Orlitzky <michael () orlitzky com>
Date: Wed, 18 Oct 2023 15:30:51 -0400
On Wed, 2023-10-18 at 13:25 -0500, Grant Taylor wrote:
It probably applies to a lot more than that. I suspect that anything that can run 3rd party code can do the same thing.
That's the crux of it but I don't think it frees Firefox from responsibility. Despite the premise being contrary to common sense and fifty years of evidence, Firefox promises to sandbox all of the bad things that untrusted third-party code might do to you. Are there any other programs that run third-party code by default and are not considered vulnerabilities?
Current thread:
- with firefox on X11, any page can pastejack you anytime turistu (Oct 17)
- Re: with firefox on X11, any page can pastejack you anytime Michael Orlitzky (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Grant Taylor (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Michael Orlitzky (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Grant Taylor (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Michael Orlitzky (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Jan Engelhardt (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Michael Orlitzky (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Sam Bull (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime Steffen Nurpmeso (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime Sam Bull (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime Jeremy Stanley (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime Turistu (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime David Leadbeater (Oct 20)
- Re: with firefox on X11, any page can pastejack you anytime David Leadbeater (Oct 20)