eWeek: IE vs. Mozilla on the Shell Hole--Whose Bug Is It?
Jul 12, 2004, 22:45 (11 Talkback[s])
(Other stories by Larry Seltzer)
[ Thanks to
Nicholas Donovan for this link. ]
"In the wake of last week's revelation of a security hole in
Mozilla that allows the execution of arbitrary programs on the
client system a philosophical debate has emerged: Is this a bug in
Mozilla or a bug in Windows?
"I think the argument is that Windows should prevent the shell
scheme from executing programs, but this isn't a job for Windows.
This is a job for the browser. All Windows is doing in the case of
what was just patched in Mozilla is taking an instruction to run a
program and running it. If the browser didn't ask for it, it