Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search

[REBOL] Re: Security hole ? (was: image memory representation)

From: g:santilli:tiscalinet:it at: 23-Aug-2001 19:10

Hello Anton! On 23-Ago-01, you wrote: A> Is rebol memory pool the same for the launched program as in A> the console at the first point? If so, then it's possible that A> the evil program can send away user and password. Then evil A> programmer can freely access the ftp site. A> Muhahahahaaa.r.rgg..<cough> This is very unlikely anyway. The evil program has to be lucky enough to get the username and the password in that memory area; the it has to scan that area to find things that look like strings; then it has to convince the user to give it the permission to open some tcp port to send back the data to the evil programmer (ok, by default script are allowed to open tcp ports, so this is not probably a very big problem); the evil programmer then has to scan thru all of this strings to see it he can find something useful. It's like winning a lottery. :) A> Anyway, I can see this bug being fixed pretty soon. Indeed. So hurry up evil programmers! ;-) Regards, Gabriele. -- Gabriele Santilli <[giesse--writeme--com]> - Amigan - REBOL programmer Amiga Group Italia sez. L'Aquila --