[1288] in WWW Security List Archive
Re: SECURITY ALERT: Password protection bug in Netscape 2.0b3
daemon@ATHENA.MIT.EDU (Adam Shostack)
Wed Dec 20 16:35:32 1995
From: Adam Shostack <adam@bwh.harvard.edu>
To: dwm@shell.portal.com (David W. Morris)
Date: Wed, 20 Dec 1995 14:05:47 -0500 (EST)
Cc: www-security@ns2.rutgers.edu
In-Reply-To: <Pine.SUN.3.90.951219114524.1820B-100000@jobe.shell.portal.com> from "David W. Morris" at Dec 19, 95 11:21:18 pm
Errors-To: owner-www-security@ns2.rutgers.edu
Most modern OS's have some form of swapping or virtual memory.
Its not a good idea to assume that the contents of a multi megabyte
ram cache won't get to disk.
Adam
Dave Morris wrote:
| The session history is a kind of virtual paper which has the most value if
| the content isn't altered. After all, if you have a real piece of paper
| on your desk it remains a faithful record unless it is explictly altered.
| The virtual paper of the history should follow the same paradigm w/o respect
| to the protected nature of individual pages.
|
| If you accept that fundamental design premise, then it may be possible to
| handle protection of content with some rules like:
|
| 1. Never save a protected page beyond the scope of a single execution of
| the UA program.
| 2. Never use DASD for backing store for history purposes for an
| authorized document. If memory cache space is exhausted, then
| the history is lost (different UA's could handle error recovery
| in terms of advising the the user, etc.)
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
