[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Security issue in Konqueror
From: Igor Gilitschenski <igi-g () gmx ! net>
Date: 2001-06-23 5:40:32
[Download RAW message or body]
Hi,
On Fri, Jun 22, 2001 at 05:37:01PM -0400, George Staikos wrote:
> On Friday 22 June 2001 16:28, Igor Gilitschenski wrote:
> > Hi,
> >
> > A co-worker of mine pointed my attention at a possible Security problem
> > in Konqueror today.
> > While connecting to a i.e. Self-certified SSL site, you don't recieve a
> > warning. You surely question, what the problem about this is.
> > The point is the following: This makes an eventual man in the Middle
> > attack possbile.
>
> Yes you are correct.
So how can this problem be solved? I'm not experienced with KIO, yet,
but it is AFAIK responsible for this. Does the https module have a CERT
manager (i haven't found a general one for KDE)?
If the only point is a warning, then this one could be included into the
KIO module, couldn't it?
Igor
--
"Die Wirklichkeit ist nicht die Wahrheit"
- Realitaetspinzip, 1983, Erich Fried
>> Visit http://master.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic