Re: WWW Security Hole -- Bull!
Date: Thu, 12 Aug 93 19:45:33 EDT
Message-id: <9308122345.AA17389@hotsand.dacsand>
Original-From: hotsand!rhb (Richard Brandwein +1 908 949 2135)
To: Marc VanHeyningen <att!att!!>,
Subject: Re: WWW Security Hole -- Bull!
Status: RO
	What WWW (and also Gopher) offers is something without precedent a few
	years ago; a very general ability to pass around objects which, when
	received, cause someone else to perform a particular network
	transaction without being specifically aware of doing so, potentially
	turning clients into gateways.  Is it so surprising that there are new
	security concerns?  I'm amazed (and pleased) there have been so few
	- Marc
	Marc VanHeyningen  MIME, RIPEM & HTTP spoken here
Don't take this wrong (i.e., from the tone of the last two messages), but what
about MIME??!  The MIME/ghostview security hole was potentially much more devastating than
the one you've uncovered for many reasons.  From your analysis, I would say that we should
throw out MIME...

Rich Brandwein