Re: Publishing HTML

From: Daniel Veillard <veillard redhat com>
To: Dan Mueth <d-mueth uchicago edu>
Cc: Trevor Curtis <trevor curtis home com>, Colm Smyth <Colm Smyth sun com>, GNOME Doc List <gnome-doc-list gnome org>
Subject: Re: Publishing HTML
Date: Tue, 26 Jun 2001 13:05:26 -0400

On Tue, Jun 26, 2001 at 10:35:06AM -0500, Dan Mueth wrote:
> 
> On Tue, 26 Jun 2001, Trevor Curtis wrote:
> 
> > On Tue, Jun 26, 2001 at 10:37:24AM +0100, Colm Smyth wrote:
> > > - (paranoia on) a multi-user writeable cache for html files creates more issues
> > >   than one for man-pages; HTML isn't as harmless a document format as you might
> > >   like because it is a host for executable content (javascript, plug-ins, java,
> > >   ...; also remote execution (form input methods like cgi, servlets, ...)
> > >   it would be possible to edit a html page to bind different actions to buttons
> > >   or hyperlinks
> > >
> >
> > Hey. I'm new to all this, and so might be missing something, but why
> > would we worry about plugins? Going from xml/sgml -> html, we
> > typically don't use javascript or plugins of that sort.  Or do you
> > mean this in just a general sense?
> 
> Others here could probably answer this much better than I can, but I'll
> give it a shot.
> 
>  Untrusted ___\  Black Box XML->HTML ____\  shared  ____\ Help browser
>  XML "doc"    /  converter(gnome-db2html)/   cache      / (Moz./Naut.)
> 
> Any user can pass an untrustred document which they write or obtain from
> the web to the help system.  It gets converted by gnome-db2html3 into an
> HTML file and cached for all other users to run through Nautilus (which is
> really just Mozilla for these purposes).  So, if the untrusted document
> had executable content which could get through gnome-db2html, then we
> would have a cache file with malicious content which gets parsed by
> Mozilla by any other user on the system who happens to read that help
> file.

  the executable content would have to be in a script element, just make sure
they can't be generated by the XSLT. Anyway with chunking and document()
you have to trust the stylesheet you execute.

Daniel

-- 
Daniel Veillard      | Red Hat Network http://redhat.com/products/network/
veillard redhat com  | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
Sep 17-18 2001 Brussels Red Hat TechWorld http://www.redhat-techworld.com

References:
- Re: Publishing HTML
  - From: Trevor Curtis
- Re: Publishing HTML
  - From: Dan Mueth

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]