Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:That's just sad. (Score 1) 72

by Bruce Cran (#35110056) Attached to: Adobe's Reader X Spoils New PDF Attack

It appears it's a useful feature because many applications allow commands to be embedded in documents - even ones you might not expect, like vim. From FreeBSD's pkg-message for editors/vim:

SECURITY NOTE: The VIM software has had several remote vulnerabilities
discovered within VIM's modeline support. It allowed remote attackers to
execute arbitrary code as the user running VIM. All known problems
have been fixed, but the FreeBSD Security Team advises that VIM users
use 'set nomodeline' in ~/.vimrc to avoid the possibility of trojaned
text files.

"There is no statute of limitations on stupidity." -- Randomly produced by a computer program called Markov3.

Working...