
Ironically, I didn't pay attention to the "[pdf]" part of the title, and as soon as I clicked the link, the PDF file got downloaded.

I have a pretty strict AppArmor profile for Evince (AKA Document Viewer on GNOME-based DEs), so I thought that automatically downloading PDFs and opening them in Evince instead of in the web browser would be safer. I didn't even think about this kind of attack surface.




Apparently, the code for parsing PDFs has grown larger than the Linux kernel. That's quite an attack surface!



