[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [xml] security issue.

From: Aleksey Sanin <aleksey aleksey com>
To: Anju Premachandran <anju premachandran wipro com>
Cc: aleksey aleksey org, xml gnome org
Subject: Re: [xml] security issue.
Date: Tue, 25 Jun 2002 08:24:21 -0700

Well, I fixed all sprintfs and few strcpys. I do not see any other bigproblem.I really don't think that env variables could be used by "bad" guy. If"Bad" guy

has access to the box then he/she can do much more things :)


Aleksey


Anju Premachandran wrote:

Hi Aleksey

How did your security audit go?Did u find any new issues?

Regarding  the environment variables for HTTP/FTP access;as u said if a bad guy can change the environment variables it can turn out to be a concern.

So should we fix it?

Regards
Anju
_______________________________________________
xml mailing list, project page  http://xmlsoft.org/
xml gnome org
http://mail.gnome.org/mailman/listinfo/xml

References:
- [xml] security issue.
  - From: Anju Premachandran

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]