Re: Oaf default build...

On 31 May 2000, Miguel de Icaza wrote:

> > If a valid request to a valid object has come in previously, then it is
> > allowed.
> Mhm, so this is pretty bad.
> Because it just means that we are protected at startup (if the object
> name is effectively randomized), but once the object is used once by
> anyone, then we are subject to attacks.

You are subject to attacks *on that connection*

-- Elliot
"Moron of the week" for four years running

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]