Re: NSSecureCoding & NSAttributedString
Re: NSSecureCoding & NSAttributedString
- Subject: Re: NSSecureCoding & NSAttributedString
- From: Quincey Morris <email@hidden>
- Date: Mon, 19 Feb 2018 10:49:38 -0800
On Feb 19, 2018, at 10:32 , Markus Spoettl <email@hidden> wrote:
>
> for the exact purpose of replacing classes
Well, it’s not a cuckoo’s egg attack if the secure decoder is looking for the
replacement cuckoo class, I guess. What still worries me is that you substitute
with a class that doesn’t have the expected behavior *in context* (you: "Of
course this loses the attribute's real values”).
However, as I said before, I’m not very good about reasoning out security
threats, and so tend to be over-suspicious of creative solutions.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden