| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
IE vs. Mozilla on the Shell Hole—Whose Bug Is It? | |
|
||
| Time: 14:29 EST/19:29 GMT | News Source: eWeek | Posted By: Jonathan Tigner | ||
|
Opinion: Mozilla exposed the scheme, opened the hole. Now it's a debate in security circles. But the only way this is a vulnerability in Windows is if it's a vulnerability for a shell to be able to run programs. In the wake of last week's revelation of a security hole in Mozilla that allows the execution of arbitrary programs on the client system a philosophical debate has emerged: Is this a bug in Mozilla or a bug in Windows? I think the argument is that Windows should prevent the shell scheme from executing programs, but this isn't a job for Windows. This is a job for the browser. All Windows is doing in the case of what was just patched in Mozilla is taking an instruction to run a program and running it. If the browser didn't ask for it, it wouldn't happen. | ||
|
Write Comment
Return to News |
Displaying 526 through 532 of 532 Prev | First |
The time now is
1:06:48 PM
ET.
Any comment problems? E-mail us |
|
Write Comment
Return to News |
Displaying 526 through 532 of 532 Prev | First |
The time now is
1:06:48 PM
ET.
Any comment problems? E-mail us |
