dcsimg
Linux Today: Linux News On Internet Time.





More on LinuxToday


eWeek: IE vs. Mozilla on the Shell Hole--Whose Bug Is It?

Jul 12, 2004, 22:45 (11 Talkback[s])
(Other stories by Larry Seltzer)

[ Thanks to Nicholas Donovan for this link. ]

"In the wake of last week's revelation of a security hole in Mozilla that allows the execution of arbitrary programs on the client system a philosophical debate has emerged: Is this a bug in Mozilla or a bug in Windows?

"I think the argument is that Windows should prevent the shell scheme from executing programs, but this isn't a job for Windows. This is a job for the browser. All Windows is doing in the case of what was just patched in Mozilla is taking an instruction to run a program and running it. If the browser didn't ask for it, it wouldn't happen..."

Complete Story

Related Stories: