[prev in list] [next in list] [prev in thread] [next in thread]
List: kfm-devel
Subject: Re: Possible security problem in KHTML or KMail?
From: Ilya Konstantinov <kfm-devel () future ! shiny ! co ! il>
Date: 2001-10-11 17:48:34
[Download RAW message or body]
On Thu, Oct 11, 2001 at 08:59:20PM +0000, Vadim Plessky wrote:
> On Thursday 11 October 2001 13:14, Martin Konold wrote:
> | On Thursday, 11. October 2001 16:55, Michael Häckel wrote:
> | > On Thursday 11 October 2001 16:41, Chris Howells wrote:
> | > > Yes; that's what shadow passwords are for :)
> | >
> | > Ok, but if a html web page is able to read the contents of for example
> | > your "My Documents"-folder, then it is also a security risk, even if if
> | > doesn't contain passwords.
> |
> | Yeah, it is definetly a privacy issue.
> |
Isn't failure to comply with the simple well-defined rules of
accessing properties of cross-domain windows?
Netscape's guide defines when an attempt to access another
window's properties will be denied - e.g. when protocols, domains or
URL paths don't match - and which properties are protected. I'd assume
all the DOM access methods will be protected.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic