[cap-talk] images and capability security

[John Carlson]

There have been security vulnerabilities involving JPEG images.  Does  
capability security offer any more security over conventional  
techniques for security vulnerabilities in images?   I guess if  
there's a vunerability in an image, you want the bug to happen in user  
space.  Which would be an argument for not putting file formats into  
the kernel, drivers, or graphics cards, and if the bug is in a shared  
library, you want a reasonable interface which doesn't expose  
applications to your file format, so you can replace the shared  
library if you need to.
John