On Thu, 29 Aug 2002, Bill Harris wrote: > Rod Roark wrote: > > > Keep in mind also that JavaScript security risks are more in > > the area of "annoyances" -- e.g. opening a bunch of popup > > windows -- JS will not allow a web site to write to your > > hard drive, for example. > > But there have been bigger problems around, such as > http://www.cert.org/advisories/CA-1997-20.html (old). > > CERT offers the following advice: > http://www.cert.org/tech_tips/home_networks.html#IV-A-9 and > http://www.kb.cert.org/vuls/id/361600 and > http://www.cert.org/tech_tips/malicious_code_FAQ.html. From them, I > gather that they recommend a prudent person not to enable Javascript > (ECMAScript) unless they really need to. Those documents are _very_ old. Are they really still applicable?
-- Cheers John. Please, no off-list mail. You will fall foul of my spam treatment. Join the "Linux Support by Small Businesses" list at http://mail.computerdatasafe.com.au/mailman/listinfo/lssb ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------- (un)subscribe: http://lists.sourceforge.net/lists/listinfo/sql-ledger-users Archive: http://www.mail-archive.com/[email protected]/
