zlacker

[return to "Bad Apple Font"]
1. triclo+X1[view] [source] 2023-08-30 03:07:37
>>notmys+(OP)
Obviously the thought comes up of the fact that this feels unsafe to have WASM in font files, but, I'm also aware that font layout engines are already turing complete, which leads me to wonder: have there been any high profile malware font examples? That entire stack feels a lot like an attack surface to me, especially given stuff like the fact that windows used to render fonts in the kernel layer.
◧◩
2. chrisc+Y4[view] [source] 2023-08-30 03:35:16
>>triclo+X1
Wasm is sandboxed, so it's not really any different than rendering a web view inside an app.

Note the author had to modify Gimp to get it to run the wasm. It's not something most apps would allow just for font rendering.

[go to top]