Re: Oaf default build...
- From: Miguel de Icaza <miguel helixcode com>
- To: Elliot Lee <sopwith redhat com>
- Cc: gnome-components-list gnome org
- Subject: Re: Oaf default build...
- Date: 31 May 2000 15:42:36 -0400
> If a valid request to a valid object has come in previously, then it is
> allowed.
Mhm, so this is pretty bad.
Because it just means that we are protected at startup (if the object
name is effectively randomized), but once the object is used once by
anyone, then we are subject to attacks.
In reality, this means that any real user (say, panel applets) will
be vulnerable.
Miguel.
[Date Prev][
Date Next] [Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
