Hi Chris,
You're right: File browse dialogs change the CWD and this contributes
essentially to the exploitability of the bug in question. While it's possible
to prevent these dialogs from *keeping* the CWD where the user OK'ed a selected
file/folder (see http://www.binaryplanting.com/guidelines
>c...@cert.org; si-c...@arnes.si
>Subject: [Full-disclosure] Google Chrome pkcs11.txt File Planting
>
>
>A month ago our company notified Google about a peculiar behavior of
>the Chrome browser that can be exploited for execution of remote code outside
>the Chrome sandbox