Hey Guido, Thanks for sharing the outcome of your project with us! I like the idea and think it solves a pretty common and practical problem.
I wonder, have you been able to integrate the 'launch_pdf_reader' as deployable package into Sculpt? If yes, are you planning to publish it, so other Sculpt users can give it a try too? Cheers, Martin El 26/5/19 a las 22:54, Guido Witmond escribió: > Hi Genodians, > > With some pride, I present the results of my Hack'n'Hike project: > 'launch_pdf_reader'. > > My goal is to have a shared directory between a Linux VM and the Genode > environment. Whenever the linux world puts a PDF file into the shared > folder, a Genode process picks it up and starts a PDF viewer to render > it inside a Genode sandbox. > > As there is no PDF rendering on Linux (or Windows VM, if that's your > thing), it eliminates parser bugs that could be used to attack a user. > These attacks abuse of the Ambient Authority model of Linux, also called > the Confused Deputy problem. > > This makes pdf rendering on Linux as easy - and secure - as > ''/bin/cp $PDF $SHARE'' > > The repo lives at: https://github.com/gwitmond/genode-launch-pdf-reader > > With regards, > > Guido. > > _______________________________________________ > Genode users mailing list > users@lists.genode.org > https://lists.genode.org/listinfo/users _______________________________________________ Genode users mailing list users@lists.genode.org https://lists.genode.org/listinfo/users
