Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1996_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1996: Re: Is _your_ Netscape under remote control

Re: Is _your_ Netscape under remote control

Dave Taylor (taylordcwr.uwa.edu.au)
Fri, 24 May 1996 14:37:27 +0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Colin Jenkins: "Re: [linux-security] Things NOT to put in root's crontab [via"
Previous message: Andrew Raphael: "Re: Security problem in ESRI's ArcDoc 7.0.4"
In reply to: Phillip Wherry: "Re: Is _your_ Netscape under remote control"
Next in thread: Montserrat Mirman Castillo: "Re: Is _your_ Netscape under remote control"

>
> A couple of messages have appeared on the Bugtraq mailing list concerning
> the use of X to control a Netscape client. I think there's a fundamental
> point being missed here: control of the Netscape client is done through X
> properties and thereby REQUIRES that one already have control of the X
> server.

This is more of an idle thought than anything else, but say your Netscape
client is accessing a remote site via a proxy (to get through your
filewall or whatever), and if the client trusted the proxy in terms of
xhost (not entirely unreasonable), would it be possible to control it
from any page it accessed?
David

Next message: Colin Jenkins: "Re: [linux-security] Things NOT to put in root's crontab [via"
Previous message: Andrew Raphael: "Re: Security problem in ESRI's ArcDoc 7.0.4"
In reply to: Phillip Wherry: "Re: Is _your_ Netscape under remote control"
Next in thread: Montserrat Mirman Castillo: "Re: Is _your_ Netscape under remote control"