[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Re: Possible security problem in KHTML or KMail?
From:       Vadim Plessky <lucy-ples () mtu-net ! ru>
Date:       2001-10-11 17:00:18
[Download RAW message or body]

On Thursday 11 October 2001 13:14, Martin Konold wrote:
|   On Thursday, 11. October 2001 16:55, Michael Häckel wrote:
|   > On Thursday 11 October 2001 16:41, Chris Howells wrote:
|   > > Yes; that's what shadow passwords are for :)
|   >
|   > Ok, but if a html web page is able to read the contents of for example
|   > your "My Documents"-folder, then it is also a security risk, even if if
|   > doesn't contain passwords.
|
|   Yeah, it is definetly a privacy issue.
|

ok, what would be your proposal?
When you develop web site, pages (incl. frame content, and IFRAME's src) are 
on local disk. And you can browse them without any restrictions.

I, personally, think that it would be nice to have possibility to disable 
IFRAME and OBJECT  (and EMBED, APPLET) content display on web page (as with 
JavaScript - per domain), but it's not connected tdirectly o privacy/security 
reasons raised here.

Most ads (at least in Germany) are placed now inside IFRAME's, so disabling 
IFRAME for "*.de" domains will effectively disable those annoying ads. :-))  
Disabling EMBED, you easily get rid of Flash ads, without popus that "Falsh 
plugin is not installed" (but it is, again, separate issue)

|   Regards,
|   -- martin
|   KDE 3.0: Konquering the Desktop!

-- 

Vadim Plessky
http://kde2.newmail.ru  (English)
33 Window Decorations and 6 Widget Styles for KDE
http://kde2.newmail.ru/kde_themes.html
KDE mini-Themes
http://kde2.newmail.ru/themes/

[prev in list] [next in list] [prev in thread] [next in thread]