Re: WWW Security Hole

George Phillips <phillips@cs.ubc.ca>

Mail folder: WWW Talk Jul-Oct 1993
Next message: Karl Lehenbauer: "Re: WWWWW Notes"
Previous message: Roy Smith: "Re: WWW Security Hole"
In-reply-to: Roy Smith: "Re: WWW Security Hole"

Date: 12 Aug 93 13:14 -0700
From: George Phillips <phillips@cs.ubc.ca>
To: <roy@mchip00.med.nyu.edu>
Cc: <www-talk@nxoc01.cern.ch>
In-reply-to: <9308121946.AA04994@mchip00.med.nyu.edu>
Message-id: <6120*phillips@cs.ubc.ca>
Subject: Re: WWW Security Hole
Status: RO

roy@mchip00.med.nyu.edu sez:
>I'm not sure I understand the problem.  Telnet will let you send a single
>line of text to any port on any machine.  If if your telnet won't, it's
>trivial to do it yourself with a few lines of C code (or perl, I guess)

Right.  But if you do it with telnet you know what you sent.  The Web
browser will do this on your behalf without you even knowing what
was sent.  Or even knowing that you sent it.

			-- George