On Wed, 2002-09-18 at 15:42, Carroll Grigsby wrote: > Alastair: > Wait a couple of days, and you'll get your 20. > -- cmg
I was internally debating this timescale and thought it was probably right. Although nothing has turned up relating to IE specifically there've been 4 alerts on the [bugtraq] list today concerning Microsoft products. Including this (at face value) absolutely horrendous one: "Windows NT/2000/XP do not check execution rights correctly before allowing 16-bit executables to load. This makes it possible to load and execute 16-bit files without execute permission. For example, the command line COMMAND /c 16BitApp.exe will always run the application 16BitApp.exe regardless of execute permission." So someone could bring in CRASH.EXE on a floppy disk and subvert access control lists and all the other expensive-consultant-set-up Windows paraphernalia :) Suppose Linux was: - occupying 95% of the market; - widely disliked. Would such elementary holes be opened up with the same regularity as is happening with Microsoft products? I have the uneasy feeling that the answer would be "yes". Alastair
signature.asc
Description: This is a digitally signed message part