Re: hardening window against NewsBruiser
- From: James Henstridge <james jamesh id au>
- To: Owen Taylor <otaylor redhat com>
- Cc: gnome-sysadmin gnome org, gnome-infrastructure gnome org, Jeff Waugh <jdub perkypants org>
- Subject: Re: hardening window against NewsBruiser
- Date: Fri, 09 Dec 2005 10:31:09 +0800
Owen Taylor wrote:
>I assume what you mean here is have NB put out URLs pointing to
>attachments that can be served statically. You might actually be
>able to do it with mod_rewrite ... the cases I hand-did were:
>So, A) if it's always like that and B) if there are no access controls
>going on inside NB, then it should be manageable with mod_rewrite.
I think that will expose images attached to draft entries, but only if
someone guesses the name. I haven't seen any access control options
while looking through NB, so that's the only issue I can think of.
] [Thread Prev