Re: WWW Security Hole -- Bull!

rhb@hotsand.att.com
Thu, 12 Aug 93 19:45:33 EDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tony Sanders: "Re: WWW Security Hole -- Bull!"
Previous message: Marc VanHeyningen: "Re: WWW Security Hole -- Bull!"
Next in thread: Tony Sanders: "Re: WWW Security Hole -- Bull!"

What WWW (and also Gopher) offers is something without precedent a few
years ago; a very general ability to pass around objects which, when
received, cause someone else to perform a particular network
transaction without being specifically aware of doing so, potentially
turning clients into gateways. Is it so surprising that there are new
security concerns? I'm amazed (and pleased) there have been so few
problems.

- Marc
--
Marc VanHeyningen mvanheyn@cs.indiana.edu MIME, RIPEM & HTTP spoken here
^^^^
Don't take this wrong (i.e., from the tone of the last two messages), but what
about MIME??! The MIME/ghostview security hole was potentially much more devastating than
the one you've uncovered for many reasons. From your analysis, I would say that we should
throw out MIME...

Rich Brandwein

Next message: Tony Sanders: "Re: WWW Security Hole -- Bull!"
Previous message: Marc VanHeyningen: "Re: WWW Security Hole -- Bull!"
Next in thread: Tony Sanders: "Re: WWW Security Hole -- Bull!"