Re: WWW Security Hole -- Bull!
Tony Sanders (firstname.lastname@example.org)
Thu, 12 Aug 1993 19:56:10 -0500
> What WWW (and also Gopher) offers is something without precedent a few
> years ago; a very general ability to pass around objects which, when
> received, cause someone else to perform a particular network
> transaction without being specifically aware of doing so, potentially
> turning clients into gateways. Is it so surprising that there are new
> security concerns? I'm amazed (and pleased) there have been so few
> - Marc
> Marc VanHeyningen email@example.com MIME, RIPEM & HTTP spoken here
> Don't take this wrong (i.e., from the tone of the last two messages), but what
> about MIME??! The MIME/ghostview security hole was potentially much more devastating than
> the one you've uncovered for many reasons. From your analysis, I would say that we should
> throw out MIME...
No, we should throw out application/postscript or fix ghostscript.
So throw out gopher or fix it.