On Sat, May 05, 2001 at 02:31:14PM +0200, Hannu Krosing wrote:
Michel Pelletier wrote:
Something that is dangerous about this script is that it does no security checking at all. Anyone one user with acces to the shell is essentialy promoted to a superuser through the shell. It would not be difficult for you to add security checkpoints to you code using the explicit securitymanager api documented in the developer's guide.
It claims that "This Project Has Not Released Any Files".
Does it mean that I am supposed to get stuff from CVS ?
I've just seen the same message, so I've browsed the files with cvsweb, and now I better understand Michel's concerns: it seems as External methods run completely unrestricted by default, which I ignored until I read this document. bye, Jerome Alet