That's right, and the mechanism you describe for Word matches the behaviour I proposed for the scripted HTML case, but my proposal doesn't require any "dirty bit". Also, you've offered no evidence that such a dirty bit exists inside Word documents.
Well, I don't know the system carefully - but I'm pretty sure people don't get this for Word documents they've created. Do they? So there must be some info in there regarding the source or creator.
Do you think Longhorn has a magic solution to the untrusted content problem?
I don't see how that bears on the matter here. No one's proposing
a "mark of Longhorn", unless you are.
You are saying Microsoft will claim that Longhorn solves these problems. It's a key plank of your hypothetical argument. So I'm asking "How do you know that? What mechanism are they proposing?"
Gerv _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
