Re: Hotmail security hole - injecting JavaScript using <IMG

From: Eivind Eklund (eivindat_private)
Date: Sat Jan 08 2000 - 13:27:30 PST


    On Wed, Jan 05, 2000 at 10:59:52PM -0500, Ajax wrote:
    > In my dream world, languages like HTML would be required by their own
    > bylaws to explicitly enumerate at least the most blatantly insecure
    > features.  There *ought* to be a list somewhere of what tags can have
    > javascript as a value, maintained by whichever authority is in charge of
    > determining such things.  Granted this only reduces the (potential)
    > vulnerability to a race condition -- between the updating of the
    > standard and the updating of site filters -- but it's probably as good
    > as we can hope to get.
    
    No, it is not.  Why is everybody missing the obvious here?
    
    It is TRIVIAL to make filters not have these kinds of security
    problems.  The clue is that any security filter MUST default to
    *D E N Y*, not pass.  Any security filter that denies 'bad' stuff and
    passes everything else is BROKEN.
    
    None of these problems would have occurred if MS had stuck to this
    trivial basic of secure systems design.
    
    Eivind.
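
The default-deny filter described in the message above, set beside a deny-list filter, as an added example that is not part of the original post. The tag and attribute policy, the function names and the sample input are assumptions constructed for illustration.

```python
import re
from html import escape
from html.parser import HTMLParser

# Assumed policy for this example: tag -> attributes allowed on it.
ALLOWED = {"b": set(), "p": set(), "a": {"href"}, "img": {"src", "alt"}}
URL_ATTRS, VOID, RAW_TEXT = {"href", "src"}, {"img"}, {"script", "style"}
# Constructed sample input, not taken from the original message.
SAMPLE = ('<p onclick="x()">hi</p><script>x()</script>'
          '<img src="javascript:x()" alt="a"><img src="http://example.com/a.png">')

def denylist_filter(html):
    """Pass by default: removes only what its author thought of."""
    return re.sub(r"(?is)<script.*?</script>", "", html)

def safe_url(value):
    """Return the URL only if it is explicitly http(s), else None."""
    cleaned = re.sub(r"[\x00-\x20]", "", value)  # browsers ignore these
    return cleaned if re.match(r"(?i)https?://", cleaned) else None

class AllowlistFilter(HTMLParser):
    """Deny by default: re-emits only what ALLOWED names."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], False
    def handle_starttag(self, tag, attrs):
        self.skip = tag in RAW_TEXT  # drop script/style text as well
        if tag not in ALLOWED:
            return  # unknown tag: not emitted
        kept = ""
        for name, value in attrs:
            if name in URL_ATTRS and value is not None:
                value = safe_url(value)  # None unless http(s)
            if name in ALLOWED[tag] and value is not None:
                kept += f' {name}="{escape(value, quote=True)}"'
        self.out.append(f"<{tag}{kept}>")
    def handle_endtag(self, tag):
        self.skip = False
        if tag in ALLOWED and tag not in VOID:
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data))

def allowlist_filter(html):
    parser = AllowlistFilter()
    parser.feed(html)
    parser.close()  # flush any buffered trailing text
    return "".join(parser.out)
```

The deny-list filter removes the `<script>` element from `SAMPLE` but passes the `onclick` attribute and the `javascript:` image source, while the allowlist filter re-emits only the listed tags, attributes and URL schemes.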
    


