Re: LYNX-DEV Lynx vulnerabilities

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV Lynx vulnerabilities

From:	Hynek Med
Subject:	Re: LYNX-DEV Lynx vulnerabilities
Date:	Wed, 2 Jul 1997 14:33:02 +0200 (MET DST)

On Tue, 1 Jul 1997, Jonathan Sergent wrote:

>     I made some edits (please clean up my formatting attempts), see
> my version at http://www.io.com/~sergent/ .

I think your chages are very good (namely correcting Subir about the
temporary files problem), but I'd like to see more emphasis on
the fact that the content of the files a malicious hacker can overwrite
users' files with isn't fortunately in his [hacker's] hands, but it rather
depends on the content of the document the user downloads. Of course if
the lynx user is root, and the target file /dev/sda.. :-(

Hynek

--
Hynek Med, address@hidden

;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;

[Prev in Thread]

Current Thread

[Next in Thread]

LYNX-DEV Lynx vulnerabilities, Subir Grewal, 1997/07/01
- Re: LYNX-DEV Lynx vulnerabilities, Jonathan Sergent, 1997/07/01
  - Re: LYNX-DEV Lynx vulnerabilities, Hynek Med <=
    - Re: LYNX-DEV Lynx vulnerabilities, Jonathan Sergent, 1997/07/02

Prev by Date: Re: LYNX-DEV Alleged Lynx security emergency
Next by Date: Re: LYNX-DEV lynx, text/html and non-standard suffixes
Previous by thread: Re: LYNX-DEV Lynx vulnerabilities
Next by thread: Re: LYNX-DEV Lynx vulnerabilities
Index(es):
- Date
- Thread