--On Mon, May 4, 1998 3:22 pm +0100 "Martin Read" <[EMAIL PROTECTED]> wrote:
> Javier Fernandez-Sanguino Pen~a writes: >> Xswallow is a plugin for Netscape that allows ANY X-based application >> tu run inside Netscape. This allows you to run a VRML browser (vrwave,vrweb..) or >> a midi application inside Netscape without having to expressely save to disk >> and then run it aside. It works with <EMBED> tags and /etc/mime.types. > > This sounds distressingly like a serious security hole - unless it refuses > requests resembling "xterm -e foo". It's not quite as bad as "xhost +", > I'll admit, but it does sound like a major risk nevertheless. I assume the point is that it will only execute applications listed in /etc/mailcap, which is fine. He didn't provide a URL, so I can't check.. Jules /----------------+-------------------------------+---------------------\ | Jelibean aka | [EMAIL PROTECTED] | 6 Evelyn Rd | | Jules aka | | Richmond, Surrey | | Julian Bean | [EMAIL PROTECTED] | TW9 2TF *UK* | +----------------+-------------------------------+---------------------+ | War doesn't demonstrate who's right... just who's left. | | When privacy is outlawed... only the outlaws have privacy. | \----------------------------------------------------------------------/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
