-Original Message-
From: Stefano Mazzocchi [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2003 6:06 AM
To: James Developers List
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; lenya-
[EMAIL PROTECTED]
On Sunday, Oct 26, 2003, at 23:33 Europe/Rome, Noel J. Bergman wrote:
He's not questioning whether it's encrypted. His point is, doco sends an email to an address, and you respond. It gives very little control, even if there is a compromise.
AIUI, the proposed solution would allow anyone to edit content, and contribute it as a patch. Content could include defacements, changes to .htaccess, and CGI scripts.
nah, dude, look: doco has a very precise editing access point. You can *ONLY* modify xml content. So, changes to .htaccess, CGI scripts, servlet upload, sql injection, cross-site-scripting, and your next favorite attack will NOT work because the system prevents it by design [not saying it cannot happen, but if it does it's a bug, not a faulty design]
FWIW, I agree. Perhaps the submit goes to a well-formedness check (or even
better?, schema/dtd validation). If it fails, it doesn't even enter the
approval process. Perhaps a notification email is sent describing that an
invalid submittal was sent. The user is returned an error page saying the
post was rejected, in case it was just a mistake.
On another note, can images/PDFs/other-binaries be uploaded?
-Rob
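A sketch of the pre-approval gate Rob proposes above: the submission must be well-formed XML, must not carry a DOCTYPE (so it cannot define entities or pull in an external DTD), and must use an expected root element before it is queued; anything else is bounced back to the submitter with a reason. This is an added example written for this thread, not code from doco, Lenya or Cocoon; MAX_BYTES, ALLOWED_ROOTS and the sample submissions are constructed assumptions.

```python
import xml.parsers.expat as expat

MAX_BYTES = 512 * 1024          # assumed per-submission size limit
ALLOWED_ROOTS = {"document"}    # assumed root element(s) for editable doco content


class Rejected(Exception):
    """Raised with a human-readable reason when a submission fails the gate."""


def check_submission(data: bytes) -> str:
    """Validate one submitted XML fragment; return its root element name or raise Rejected."""
    if len(data) > MAX_BYTES:
        raise Rejected("submission too large")

    parser = expat.ParserCreate()
    seen_root = []

    def on_doctype(name, sysid, pubid, has_internal_subset):
        # Refusing DOCTYPE blocks entity declarations and external DTD fetches outright.
        raise Rejected("DOCTYPE declarations are not allowed")

    def on_start(name, attrs):
        if not seen_root:
            seen_root.append(name)

    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = on_start
    try:
        parser.Parse(data, True)          # exceptions raised in handlers propagate here
    except expat.ExpatError as exc:
        raise Rejected(f"not well-formed: {exc}") from None

    if seen_root[0] not in ALLOWED_ROOTS:
        raise Rejected(f"unexpected root element {seen_root[0]!r}")
    return seen_root[0]


def triage(data: bytes) -> dict:
    """Outcome returned to the submitter; a rejected post never enters the approval queue."""
    try:
        root = check_submission(data)
    except Rejected as exc:
        return {"queued": False, "reason": str(exc)}
    return {"queued": True, "root": root}


# Constructed sample submissions.
GOOD = b"<document><p>hello</p></document>"
UNCLOSED = b"<document><p>oops</document>"
WITH_DTD = b'<!DOCTYPE d [<!ENTITY e "x">]><document>&e;</document>'
WRONG_ROOT = b"<page/>"
```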