[prev in list] [next in list] [prev in thread] [next in thread]
List: kfm-devel
Subject: Re: Possible security problem in KHTML or KMail?
From: Stephan Kulow <coolo () kde ! org>
Date: 2001-10-11 14:48:45
[Download RAW message or body]
On Thursday 11 October 2001 16:41, Chris Howells wrote:
> > From: Rob Kaper <cap@capsi.com>
> >
> > On Wed, Oct 10, 2001 at 09:14:59PM +0200, Ingo Klöcker wrote:
> > > <html><head></head><frameset><frame src="/etc/passwd"></frameset>
> > > <body></body></html>
> >
> > This is by no means a security risk. Local users have always been able to
> > read/display the /etc/passwd file.
>
> Yes; that's what shadow passwords are for :)
Nonsense. /etc/passwd is just an example and the list of users on a specific
machine is already more information that what should be gathered from outside.
Greetings, Stephan
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic