Bugtraq mailing list archives
Re: MIME question...
From: r.evans () ic ac uk (r.evans () ic ac uk)
Date: Tue, 28 Mar 1995 11:22:37 +0100 (BST)
The closest to this I've heard of is also a potential problem with some Web Browsers. If you can invoke a sufficiently sophisticated postscript interpreter with an email message or a web graphic, you can embed code to do unintended things, since PostScript is a full language.
Ghostscript has an option to tell it not to allow access to any external files, I believe. On the same note, has anyone had a close look at 'HotJava' yet from a security standpoint? This is yet another Web browser (from Sun). The main difference is that it can allow code to be downloaded and executed locally. It's currently only available on Solaris 2.[34] for sparc, but MacOS and W-latter-half-of-decade ports are underway. There's a security doc available under the home page <URL:http://java.sun.com/> that suggests some thought has been paid to security, but it sounds like thin ice to me. [I know this isn't strictly discussion of a bug, but surely it's relevant enough for discussion here?] Rob
Current thread:
- MIME question... robert owen thomas (Mar 17)
- Re: MIME question... Doug Hughes (Mar 17)
- <Possible follow-ups>
- Re: MIME question... Pete Hartman (Mar 27)
- Re: MIME question... r.evans () ic ac uk (Mar 28)
- Re: MIME question... mueller_scott (Mar 28)
- Re: MIME question... Jonathon Tidswell (Mar 28)
- Re: MIME question... Christian Wettergren (Mar 29)
- Request to Join Mailing List BRUCE.SHELDON () STATE MN US (Mar 29)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
- Re: Network Monitoring and Control (announcement) Christopher D. Heer (Mar 30)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
(Thread continues...)