Re: Intent to package Xswallow
On Mon, May 04, 1998 at 03:22:42PM +0100, Martin Read wrote:
> Javier Fernandez-Sanguino Pen~a writes:
> This sounds distressingly like a serious security hole - unless it refuses
> requests resembling "xterm -e foo". It's not quite as bad as "xhost +",
> I'll admit, but it does sound like a major risk nevertheless.
>
> > I have tried it with Netscape 3.0 and 4.0b5 (not with Mozilla yet :( )
> > it can be found as a RedHat package so I intend to use this first for the
> > first release. BTW it is GPL'd.
>
> Martin
As a matter of fact I will only launch applications associated with
/etc/mime.types and configured in an installed file (xswallow.conf en /usr/lib/netscape).
So it *may* be a security hole, but just if you allow it as many other
things :)
Javi
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: