[Development] A bug or not a bug, that's the question
Konstantin Tokarev
annulen at yandex.ru
Thu Sep 5 13:51:18 CEST 2013
05.09.2013, 15:46, "Kurt Pattyn" <pattyn.kurt at gmail.com>:
>> From: Thiago Macieira <thiago.macieira at intel.com>
>> Subject: Re: [Development] A bug or not a bug, that's the question
>> Date: 26 Aug 2013 17:16:19 GMT+02:00
>> To: development at qt-project.org
>> On segunda-feira, 26 de agosto de 2013 13:53:38, Kurt Pattyn wrote:
>> We should remove the check. It was added because GLib made the mistake of
>> forbidding them, and the mistake was imported into D-Bus, which led to remote
>> DoS attacks in KDE applications that sent remote text via D-Bus (konversation
>> sent the text sent by people from IRC).
>> GLib was fixed in version 2.36 and D-Bus was fixed in 1.6.10. Since 1.6.10 is
>> pretty new, we need to keep a version check in QtDBus.
>
> Is it OK then to remove the check in QUtf8Codec, or do we need a check on the DBus version (which is not relevant for other platforms than Linux), and depending on the version include/exclude the check?
>
As for "is not relevant for other platforms than Linux", DBus successfully runs on OS X and IIRC can be used on Windows as well.
--
Regards,
Konstantin
More information about the Development
mailing list