Shockwave security leak and a possible solution

Shockwave security leak and a possible solution

Jim Stoneburner writes: "Regarding the reported Shockware security leak which can affect Netscape Navigator on Macintosh, there may be hope. It appears that if the user has changed the name of the boot volume or partition from Macintosh_HD to anything else, this may prevent intrusion. For example, Netscape uses the path name mailbox:/Macintosh HD/System Folder/Preferences/
Netscape ?/Mail/Inbox?number=0 to specify an Inbox file. If the boot volume name has been changed, any unscrupulous webmaster would not know how to specify this path."

Update: Jud Spencer of Claris writes: "Emailer 2.0 is not vulnerable to this. Emailer 2.0 stores its mail in a database not individual text files. Emailer 1.0 stores individual mail messages as text files but it does not store them at any easily guessed pathname."

Featured Video

This Nokia virtual-reality camera costs $60,000

Good VR doesn't come cheap, as evidenced by Nokia's Ozo 360-degree video camera. Meanwhile, Swatch's next smartwatch has mobile payments, and Blocks lets you build your own smartwatch.

by Bridget Carey