-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Perhaps its just me but I see this as a potential problem. From what I can tell all versions of internet explorer 4 and above allow view-source urls. view-source:http://www.news.com This opens notepad or your default html editor with the source of the main page for news.com or any other site or page you specify. Here's another one. view-source:file:///boot.ini This opens notepad or your default html editor to the local boot.ini, if it exists. This could potentialy be embeded into various html tags causing the instance of notepad or other editor to be opened automaticlly. If the file specified does not exit notepad will ask to create it. If someone isn't paying attention they could hit enter and create the specified file. John C. Hennessy Information security analyst -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPQSe5jfHYhhTZOYaEQImbwCfeXftE2boNT8Zt609MxX+V8kwoP0AnjeF zvc36IlY5wxrclj6ok8yKsw1 =7apz -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Mon Jun 10 2002 - 10:48:59 PDT