Re: Why Don't Cocoa's (Un)Archiving Methods return Errors?
- Subject: Re: Why Don't Cocoa's (Un)Archiving Methods return Errors?
- From: Wade Tregaskis <email@hidden>
- Date: Fri, 05 Aug 2011 00:21:23 -0700
> I'm not sure really what the argument here is. What both of you seem to be asserting is "you could construct any object from a file… that file might be maliciously structured to construct objects that behave in evil ways". This is true, but I'm not sure I see how this differs for *any* API that reads from the file system and constructs objects (as any file loading has to do). Can you give me an example of something that NSCoding (particularly when using keyed archiving) doesn't deal with cleanly, that leads to a security problem not found in other file loading schemes?
I've lost track of threads. Somewhere recently I responded on this point, or one very like it. In summary, the difference between other APIs and NSCoding is that most other APIs don't let the data in the file instantiate an instance of any class. A similar system, property lists, doesn't have this issue.
Someone indicated they like to treat NSArchived documents as code, with all the security implications therein. That's one, fairly practical way to look at it.
Cocoa-dev mailing list (email@hidden)
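The contrast drawn in the message above, as an added example that is not part of the original post or of Apple's code: a keyed archive names the class to instantiate, a class allowlist on decode refuses a class the caller did not expect, and a property list can only yield plist types. The `Surprise` class and the sample data are hypothetical and constructed here; `unarchivedObjectOfClasses:fromData:error:` and `NSSecureCoding` are later Foundation additions than this 2011 thread and need macOS 10.13 or later.

```objective-c
// Added example. Build: clang -fobjc-arc -framework Foundation demo.m -o demo
#import <Foundation/Foundation.h>

// Hypothetical class standing in for "any class loaded in the process".
@interface Surprise : NSObject <NSSecureCoding>
@end

@implementation Surprise
+ (BOOL)supportsSecureCoding { return YES; }
- (instancetype)initWithCoder:(NSCoder *)coder {
    // Runs only if the unarchiver agrees to instantiate this class.
    NSLog(@"Surprise instantiated because the archive named it");
    return [super init];
}
- (void)encodeWithCoder:(NSCoder *)coder {}
@end

int main(void) {
    @autoreleasepool {
        NSError *err = nil;

        // Constructed input: the app expects a dictionary-based document,
        // but the archive's root object is a Surprise.
        NSData *archive = [NSKeyedArchiver archivedDataWithRootObject:[Surprise new]
                                                requiringSecureCoding:YES
                                                                error:&err];

        // Decode with an allowlist of the classes the document format uses.
        // The class named in the archive is checked against this set.
        NSSet *allowed = [NSSet setWithObjects:[NSDictionary class],
                                               [NSString class],
                                               [NSNumber class], nil];
        err = nil;
        id doc = [NSKeyedUnarchiver unarchivedObjectOfClasses:allowed
                                                     fromData:archive
                                                        error:&err];
        NSLog(@"allowlisted decode -> %@, error: %@", doc, err.localizedDescription);

        // Property list round trip: the parser builds only plist types
        // (dictionary, array, string, number, date, data), whatever the file says.
        NSData *plist = [NSPropertyListSerialization
            dataWithPropertyList:@{@"title": @"doc", @"pages": @3}
                          format:NSPropertyListXMLFormat_v1_0 options:0 error:&err];
        id parsed = [NSPropertyListSerialization
            propertyListWithData:plist options:NSPropertyListImmutable
                          format:NULL error:&err];
        NSLog(@"plist decode -> %@ of class %@", parsed, [parsed class]);
    }
    return 0;
}
```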