[2614] in bugtraq
Re: Is _your_ Netscape under remote control
daemon@ATHENA.MIT.EDU (Jeff Uphoff)
Fri May 24 20:04:03 1996
Date: Fri, 24 May 1996 16:49:21 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: Your message of Fri, May 24, 1996 15:58:39 +0000
"m" == martinh <martinh@mailhost.emap.co.uk> writes:
m> Anyone else seen this? Netscape 1.1 and higher can be controlled
m> remotely. This can be abused in many ways as Netscape can be made to open
m> URL's add bookmarks, open local files and save local files without
m> informing the user.
m> [...]
m> The problem is that Netscape relies on X for it's protection, it can
m> write files without telling the user, and there are far too many open X
m> displays out there.
If you're xhosting the world then you've opened yourself up for such a
heap of other troubles (keystroke monitoring, etc.) that Netscape might
well be the least of your worries....
--Up.
--
Jeff Uphoff - systems/network admin. | juphoff@nrao.edu
National Radio Astronomy Observatory | juphoff@bofh.org.uk
Charlottesville, VA, USA | jeff.uphoff@linux.org
PGP key available at: http://www.cv.nrao.edu/~juphoff/
