W3C home > Mailing lists > Public > www-font@w3.org > July to September 2009

Fonts and security (was: The unmentionable)

From: John Hudson <tiro@tiro.com>
Date: Wed, 29 Jul 2009 14:02:38 -0700
Message-ID: <4A70B8EE.9070006@tiro.com>
CC: "www-font@w3.org" <www-font@w3.org>
I pulled this out with a new subject line because I thought it deserved 
attention even though, as Dirk pointed out in a response under the old 
subject, it is beginning to head off topic. Whatever security is, it 
isn't unmentionable.

Erik van Blokland wrote:

> I think the security aspect of fonts on the web has not gotten the 
> attention it probably deserves.
> Just consider when a UA uses the OS for rendering fonts, possibly 
> malicious code gets to interact with processes deep in the OS, shared 
> with other applications. I know from unintentional experiments that a 
> bad font can do more damage than a malicious javascript.

> I'm not saying this all by itself should be a reason for same-origin for 
> fonts. I bring it up with some reluctance as crying wolf nor 
> demonstrating would seem appropriate in a public forum. But it won't 
> surprise me if folks will try.

Indeed. Even with Type 1 PostScript it was possible to bring down a 
system with a font, as I discovered in 1995. I didn't even know what had 
caused the problem until I was restoring folder-by-folder and hit this font.

JH
Received on Wednesday, 29 July 2009 21:03:19 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Saturday, 11 June 2011 00:14:03 GMT