The PostScript rendering has to be sandboxed, running in a secure, limited context.

At least, that's what NeXT had to do with their Display PostScript. Prior to that it was possible to email someone a PostScript file which the WindowServer would try to render for display in the mail window. One such file that went around would, when you clicked on the email, grab all your windows, spin them around the screen, and throw them off.

That's harmless, but Display PostScript included file operations...
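Added example, not code from this thread or from NeXT's Display PostScript: a toy stack interpreter in the style of PostScript that shows why the sandbox the comment describes has to live inside the interpreter rather than in a filter on the document text. PostScript can build an operator name at runtime (string, `cvn`, `cvx`, `exec`) and can spell a string with octal escapes such as `\146` for `f`, so a blocklist scanning the source for `deletefile` never sees it. The operator set, the `PSError` type and the fact that the file operators only record what they would have done (instead of touching the filesystem) are assumptions of this example; the payload string is constructed for the demo.

```python
import re

# Operators a renderer of untrusted PostScript must not expose.  This list is
# an assumption for the toy; real interpreters have more (renamefile, run, ...).
FILE_OPERATORS = ("file", "deletefile", "renamefile", "run")

# Tokens: (string with escapes), /literal-name, or anything else (number/name).
TOKEN = re.compile(r"\((?:[^()\\]|\\.)*\)|/[^\s/()]+|[^\s/()]+")


class PSError(Exception):
    """Raised for undefined operators and stack underflow (assumed type)."""


class Name(str):
    """Executable name: looked up and run when encountered."""


class Literal(str):
    """Literal name (/foo): pushed on the stack, never executed."""


def decode_string(body):
    """Resolve PostScript string escapes, including octal \\ddd sequences."""
    def sub(m):
        esc = m.group(1)
        if esc[0] in "01234567":
            return chr(int(esc, 8))
        return {"n": "\n", "r": "\r", "t": "\t"}.get(esc, esc)
    return re.sub(r"\\([0-7]{1,3}|.)", sub, body)


def tokenize(source):
    for m in TOKEN.finditer(source):
        tok = m.group()
        if tok.startswith("("):
            yield decode_string(tok[1:-1])
        elif tok.startswith("/"):
            yield Literal(tok[1:])
        else:
            try:
                yield int(tok)
            except ValueError:
                yield Name(tok)


def naive_filter(source):
    """Static blocklist over the source text.  True means 'looks clean'."""
    return not any(re.search(r"\b%s\b" % op, source) for op in FILE_OPERATORS)


class Interpreter:
    def __init__(self, sandboxed):
        self.stack = []
        self.drawing = []   # recorded drawing operations
        self.effects = []   # recorded (simulated) file-system actions
        self.ops = {
            "add": lambda: self.push(self.pop() + self.pop()),
            "cvn": lambda: self.push(Literal(self.pop())),
            "cvx": lambda: self.push(Name(self.pop())),
            "exec": self.op_exec,
            "moveto": lambda: self.drawing.append(("moveto",) + self.pop2()),
            # File operators only record what they would have done.
            "deletefile": lambda: self.effects.append(("deletefile", self.pop())),
            "file": lambda: self.effects.append(("file",) + self.pop2()),
        }
        if sandboxed:
            # The sandbox: the capability is absent from the operator
            # dictionary, so no runtime-constructed name can reach it.
            for op in FILE_OPERATORS:
                self.ops.pop(op, None)

    def push(self, value):
        self.stack.append(value)

    def pop(self):
        if not self.stack:
            raise PSError("stackunderflow")
        return self.stack.pop()

    def pop2(self):
        b = self.pop()
        a = self.pop()
        return (a, b)

    def op_exec(self):
        obj = self.pop()
        if isinstance(obj, Name):
            self.execute(obj)
        else:
            self.push(obj)

    def execute(self, name):
        if name not in self.ops:
            raise PSError("undefined: %s" % name)
        self.ops[name]()

    def run(self, source):
        for tok in tokenize(source):
            if isinstance(tok, Name):
                self.execute(tok)
            else:
                self.push(tok)


def demo():
    # Constructed payload: "deletefile" spelled with an octal escape for 'f',
    # then turned into an executable name at runtime.
    payload = "(/Users/me/thesis.txt) (delete\\146ile) cvn cvx exec"
    drawing = "10 20 30 add moveto"          # harmless rendering work
    open_interp = Interpreter(sandboxed=False)
    open_interp.run(payload)
    sandbox = Interpreter(sandboxed=True)
    sandbox.run(drawing)
    try:
        sandbox.run(payload)
        blocked = False
    except PSError:
        blocked = True
    return {
        "filter_passed": naive_filter(payload),       # blocklist misses it
        "unsandboxed_effects": open_interp.effects,   # file op would run
        "sandbox_drawing": sandbox.drawing,           # drawing still works
        "sandbox_blocked": blocked,                   # file op undefined
    }


if __name__ == "__main__":
    print(demo())
```

The textual filter passes the payload, the unsandboxed interpreter would have deleted the file, and the sandboxed interpreter still draws but reports the file operator as undefined. That is the property the comment is after: the renderer itself must lack the capability, because the document language is expressive enough to defeat any inspection of the bytes.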



Sandboxing would be required.

Delegating an area of display would also need to be part of the security model to support things like third party ads.

Ah, the details…


Yeah, thank god we now have operating systems which can't be harmed by email attachments... oh wait.
