WebApp Sec mailing list archives

Re: Securing OWA on public computers.

From: "Kurt Seifried" <bt () seifried org>
Date: Thu, 7 Nov 2002 15:38:58 -0800

I've noticed that when accessing Outlook web access (through https) and
opening word attachment the attachment remain in cache.
The cache is still here even after closing browser.
When accessing confidential documents from public computers this present
security risk.
Any way to prevent this caching?

Thanks

A.Tarasul


By default most web clients will not cache web documents served over https
connections. However if you are opening this document up using a third party
applications (i.e. MS Word) then all bets are off. You cannot control this.
Working around this would be painful and tedious at best (i.e. use an
ActiveX control to display the document or convert the document into
something the browser can display internally such as html or a gif).

Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/

Current thread:

Securing OWA on public computers. agtads (Nov 07)
- Re: Securing OWA on public computers. Kurt Seifried (Nov 07)
- <Possible follow-ups>
- Re: Securing OWA on public computers. Alexander (Nov 10)