diff options
| author | Daniel Kahn Gillmor | 2018-09-05 13:00:28 -0400 |
|---|---|---|
| committer | Daniel Kahn Gillmor | 2018-09-05 13:00:28 -0400 |
| commit | 2d9ba81a84a122f09770ed53d8c8284bf3b61dc0 (patch) | |
| tree | d199b97b6785fbbaf65078a3d50901b4c51c4fab /doc | |
| parent | 072ee1814d2d40788a93622fe6e753a9f434d515 (diff) | |
spelling correction.
while mat2 has both a thread model (a thread pool that strips metadata
in parallel) and a threat model (a list of malicious adversaries and
their capabilities that we are trying to defeat), i think this
paragraph is talking about the latter.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/implementation_notes.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/implementation_notes.md b/doc/implementation_notes.md index 3b8e49d..cbf76ee 100644 --- a/doc/implementation_notes.md +++ b/doc/implementation_notes.md | |||
| @@ -64,7 +64,7 @@ to the filesystem. This ensures that every metadata is removed. | |||
| 64 | XML attacks | 64 | XML attacks |
| 65 | ----------- | 65 | ----------- |
| 66 | 66 | ||
| 67 | Since our thread model conveniently excludes files crafted to specifically | 67 | Since our threat model conveniently excludes files crafted to specifically |
| 68 | bypass MAT2, fileformats containing harmful XML are out of our scope. | 68 | bypass MAT2, fileformats containing harmful XML are out of our scope. |
| 69 | But since MAT2 is using [etree](https://docs.python.org/3/library/xml.html#xml-vulnerabilities) | 69 | But since MAT2 is using [etree](https://docs.python.org/3/library/xml.html#xml-vulnerabilities) |
| 70 | to process XML, it's "only" vulnerable to DoS, and not memory corruption: | 70 | to process XML, it's "only" vulnerable to DoS, and not memory corruption: |