On Friday, Sep 24, 2004, at 19:07 US/Eastern, Brad Knowles wrote:
Leaving it as a ".doc" file when the MIME bodypart type does not match the claimed extension *is* dangerous.
In mail, yes (and what does Mailman normally do to sanitize extensions / MIME types in the messages it redistributes?). But on the web? I'm curious, what's the threat model?
--Robby
_______________________________________________ Mailman-Developers mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-developers Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
