Almost M$ free...
Carl Parrish
cparrish@computerprep.com
Tue, 9 May 2000 23:24:14 -0700
The way I understood this you wouldn't have to do anything but go to a
website. They would have written the JavaScript code and if you still had
the same session opened that you used to do your Web admin tool (such as NS
enterprise or MS IIS web consol) they could trash your system. The quick and
easy solution is of course to simply close any such sessions (read: close
and restart your browser) Perhaps there should be a button on your browser
to reset all session? (must talk to the mozilla ppl about that. )
Carl Parrish
Webmaster
ComputerPREP.com
-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of Lucas
Vogel
Sent: Tuesday, May 09, 2000 10:11 PM
To: 'plug-discuss@lists.PLUG.phoenix.az.us'
Subject: RE: Almost M$ free...
Isn't this a trojan horse in the making if you give users permission to
write their own DTML code? Or did I read it wrong?
-----Original Message-----
From: Craig White [mailto:CraigWhite@azapple.com]
Sent: Tuesday, May 09, 2000 10:08 PM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: RE: Almost M$ free...
huh?
----:----|----:----|----:----|----:----|----:----|----:----|
- Craig White - PO Box 8634 - Scottsdale, Arizona - 85252
- e-mail address ................ - CraigWhite@AzApple.com
- world wide web address ........ - http://www.AzApple.com
- e-mail my pager address ....... - 6023779752@airtouch.net
- cellular phone ................ - (602) 377-9752
- voice/facsimile ............... - (480) 945-8445
----:----|----:----|----:----|----:----|----:----|----:----|
> -----Original Message-----
> From: plug-discuss-admin@lists.plug.phoenix.az.us
> [mailto:plug-discuss-admin@lists.plug.phoenix.az.us]On Behalf Of Lucas
> Vogel
> Sent: Tuesday, May 09, 2000 10:04 PM
> To: 'plug-discuss@lists.PLUG.phoenix.az.us'
> Subject: RE: Almost M$ free...
>
>
> Nobody should really be giving anyone those privileges anyway, unless they
> are developers...
>
> -----Original Message-----
> From: Craig White [mailto:CraigWhite@azapple.com]
> Sent: Tuesday, May 09, 2000 10:03 PM
> To: plug-discuss@lists.PLUG.phoenix.az.us
> Subject: RE: Almost M$ free...
>
>
> http://www.zope.org/Members/jim/ZopeSecurity/ClientSideTrojan
>
> a Zope caution...
>
> Craig
>
> ----:----|----:----|----:----|----:----|----:----|----:----|
> - Craig White - PO Box 8634 - Scottsdale, Arizona - 85252
> - e-mail address ................ - CraigWhite@AzApple.com
> - world wide web address ........ - http://www.AzApple.com
> - e-mail my pager address ....... - 6023779752@airtouch.net
> - cellular phone ................ - (602) 377-9752
> - voice/facsimile ............... - (480) 945-8445
> ----:----|----:----|----:----|----:----|----:----|----:----|
>
> > -----Original Message-----
> > From: plug-discuss-admin@lists.plug.phoenix.az.us
> > [mailto:plug-discuss-admin@lists.plug.phoenix.az.us]On Behalf Of Jim
> > Sent: Tuesday, May 09, 2000 4:43 PM
> > To: plug-discuss@lists.plug.phoenix.az.us
> > Subject: RE: Almost M$ free...
> >
> >
> > Heh - another happy Zope convert ;)
> >
> > On Tue, 09 May 2000, you wrote:
> > > Jim,
> > > Zope is WAY COOL. I just wanted to make that point clear :)
> > >
> >
> > _______________________________________________
> > Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
> _______________________________________________
> Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
> _______________________________________________
> Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
_______________________________________________
Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
_______________________________________________
Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss