|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [suse-security] Does Rich Text hold the same risks as html ?
jfweber
bellsouth.net
Date: Tue Jan 24 2006 - 12:32:54 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
And hence should be banned or tightly controlled locations where it can
be read? OR is it a completely other kind of animal, as "safe".. at
least as safe as anything coming thru the system sent by people you
may, or not, know.
I only remember Marc Andreeson ( sp?) Talking a lot about it during the
time Netscape was the scarey company in the wood work for MS. I never
got into the nuts and bolts of it... so I don't know anything about it
except it looks pretty.. but so can HTML properly done. And improperly
done HTML can bring a system down.. if the attacker knows enough to
circumvent rules that prevent it from being displayed...
I would greatly appreciate anyone who feels they have the time to
explain this to me. Pros and cons are both welcome.
TIA, y'all
--
j
"You never know until you try
It's hard to see which side your on
Some people say your half way here
Some people say your half way gone" song lyric
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]