Commit 2d9ba81a authored by dkg's avatar dkg

spelling correction.

while mat2 has both a thread model (a thread pool that strips metadata
in parallel) and a threat model (a list of malicious adversaries and
their capabilities that we are trying to defeat), i think this
paragraph is talking about the latter.
parent 072ee181
......@@ -64,7 +64,7 @@ to the filesystem. This ensures that every metadata is removed.
XML attacks
-----------
Since our thread model conveniently excludes files crafted to specifically
Since our threat model conveniently excludes files crafted to specifically
bypass MAT2, fileformats containing harmful XML are out of our scope.
But since MAT2 is using [etree](https://docs.python.org/3/library/xml.html#xml-vulnerabilities)
to process XML, it's "only" vulnerable to DoS, and not memory corruption:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment