Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Not exactly security but ...
- From: Paul Melson
- Date: Mon Jun 05 17:36:18 2000
On Mon, Jun 05, 2000 at 04:27:04PM -0400, Jeff Haas wrote:
> Make sure your web pages are usable in lynx. If the page looks fine
> in lynx and the terminal software renders the link in bold or
> reverse upon moving to the link (required by certain text-to-speech
> software), then you'll mostly be fine.
>
> It also gives you a viable alternative the next time Netscape or IE
> is the target of the exploit du-jour and you need to grab a copy
> of your software from somewhere else.
Whether you meant it this way, or not, what you
say above sounds like there are no security
issues w/ lynx, which couldn't be farther from
the truth. Just ask the last poor sucker who
was using lynx when he clicked <a href="lynxexec:/bin/rm -rf /home/foo">here</a>.
The lynxexec option can be left out at compile
time, but there have also been buffer overflows
/tmp races, and more. I'm not saying that you
shouldn't use lynx, just don't plan on it being
more secure than any other browser.
Paul
- --
_____________________
melson@holt.k12.mi.us
|
