David Schwartz wrote: >>Think that is scary? I cannot state about the current browser, but >>previous versions bypassed a lot of the NT security features. Happens >>when the browser is made an integral part of the OS - but for legal >>reasons and with apparently little concerns to security ones. >> > > I would say the reverse would be more of a security problem. You'd prefer >that somebody could create a web site with the same name as one of your >files and when you ask for the file, you get the web site? > > If you care about security, enter fully-qualified URLs, don't use >abbreviations. Any scheme to accept abbreviations will sometimes fail to get >you what you want. For example, what will your browser do if you just type >in "ftp.mydomain.com"? Will it take it as "http://ftp.mydomain.com"? Or will >it take it as "http://ftp.mydomaincom"? If you don't know and understand the >rules for expanding abbreviations, don't use abbreviations. > > I only wish you could disable them. Both IE and Netscape have done things I >didn't expect more than once. > > DS > The browser should not be the file manager. That is all there is to it. -b -- Fly Windows NT: All the passengers carry their seats out onto the tarmac, placing the chairs in the outline of a plane. They all sit down, flap their arms and make jet swooshing sounds as if they are flying.
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 16:07:54 PDT