Re: (in)SECURITY: mozilla-bonobo

> There's also the issue that "support for HTTP" has nothing to do with
> safety.  A company can have an intranet with HTTP served documents
> (perhaps use DAV) which are completely trustworthy, while documents
> served from are not safe.
> Which brings up a slightly different situation - not only do we need the
> component to advertise whether it's allowed to be used for untrusted
> documents, but also, how do we know which are untrusted, and how do we
> tell the component that?  Documents from servers on my local network I
> trust (and I can get to any of them using SMB or NFS as is anyhow), but
> not the outside world.

It is A LOT easier to assume that every on the web accessed through the
web browser is untrusted. If one has trusted documents on the local net,
browse them with Nautilus. Period.

Micros~1 has such a mechanism to create "zones" of security to determine
the safety of content, but this is useless because there are
Cross-Site-Scripting bugs in trusted websites that allow hackers to
circumvent the zone policies.

So, assuming that everything that comes through the web browser is
untrusted is A LOT safer too.

> To be honest, it's probably best the app/component be completely in
> charge of determining trust-worthiness/safetiness.  We need to handle
> the situation for when the user selects "File->Open" and enters a URL
> just as much as we do when the user clicks on a link in a web browser,
> opens an attachment in an email (just as dangerous if not more so in
> today's state of affairs), or opens a document from a remote file system
> browsed in Nautilus.

I didn't know that Nautilus has such an automated process of
download-and-open files off the net. This process should give fancy
warnings about security before opening stuff.


Fabio Gomes de Souza <fabio gs2 com br> Fone: (81) 9127-0597

 - Infra-estrutura de TI, seguranca, sistemas embutidos e Linux
 - Consultoria, planejamento, implementacao e gerenciamento negocios gs2 com br (81) 3492-7777

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]