[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-bugs] unhandled exception in report plugin querying ref.pape
|
From: |
Karsten Hilbert |
|
Subject: |
Re: [Gnumed-bugs] unhandled exception in report plugin querying ref.paperwork_templates |
|
Date: |
Sun, 24 Jul 2011 19:42:36 +0200 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Sun, Jul 24, 2011 at 09:14:42AM -0700, Jim Busser wrote:
> > However, this log points out
> >
> > 1) one more way to protect the report generator from "malicious"
> > queries
>
> Can you envision a use-case for purposeful attempts at unhandled exceptions
> where a perpetrator is aiming to achieve something unauthorized?
- exploit a file system bug to hijack the location
where exception logs are stored
- run a query that throws an exception
- the client auto-switches to debug mode
- pilfer the log(s) for useful information
By "malicious" I meant to say "queries that except the client".
> > 2) one more way to protect the list widget tooltip generator
> > from excepting the client on unusual circumstances.
>
> list widget tooltip generator = report generator plugin ?
No:
gmListWidgets.py::cReportList._on_mouse_motion()::dyna_tt =
self.__item_tooltip_callback(self.__data[item_idx])
Karsten
--
GPG key ID E4071346 @ gpg-keyserver.de
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346