lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Draft CERT bulletin (was Re: LYNX-DEV security.html)

From: Jonathan Sergent
Subject: Re: Draft CERT bulletin (was Re: LYNX-DEV security.html)
Date: Wed, 09 Jul 1997 16:09:06 -0500 
Hynek wrote:
 ] On Mon, 7 Jul 1997, Jim Spath (Webmaster Jim) wrote:
 ] 
 ] > A malicious user with access to the same machine as other Lynx users may be
 ] > able to cause another user's Lynx process to overwrite another file on the
 ] > system (in the user's home directory, for example).
 ] 
 ] I'd like to add her something like "..with the content of the file the
 ] lynx user downloads/prints/whatever. Fortunately the content of the file
 ] isn't in the hands of the malicious user (it depends on what does the
 ] innocent user download/print/..", or something to this effect in more
 ] official style. 

But that might be incorrect.  That does not need to be part of the
bulletin; its purpose is not to educate the readers on the technical
details behind the problem but merely to let them know (a) if they
are affected, (b) the possible impact of the problem, and (c) the
possible solutions.


--jss.
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;
reply via email to
[Prev in Thread] Current Thread [Next in Thread]