Shockwave security leak and a possible solution

Shockwave security leak and a possible solution

Jim Stoneburner writes: "Regarding the reported Shockware security leak which can affect Netscape Navigator on Macintosh, there may be hope. It appears that if the user has changed the name of the boot volume or partition from Macintosh_HD to anything else, this may prevent intrusion. For example, Netscape uses the path name mailbox:/Macintosh HD/System Folder/Preferences/
Netscape ?/Mail/Inbox?number=0 to specify an Inbox file. If the boot volume name has been changed, any unscrupulous webmaster would not know how to specify this path."

Update: Jud Spencer of Claris writes: "Emailer 2.0 is not vulnerable to this. Emailer 2.0 stores its mail in a database not individual text files. Emailer 1.0 stores individual mail messages as text files but it does not store them at any easily guessed pathname."

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

What would you do with a new laptop?

Tell us what your favorite Toshiba laptop feature is and why for a chance to win a Toshiba Satellite P50W laptop.