Hello, > Anyone else seen this? Netscape 1.1 and higher can be controlled > remotely. This can be abused in many ways as Netscape can be made to open > URL's add bookmarks, open local files and save local files without > informing the user. [snip] Yep, I already attempted to exploit this bug... First this only works on misconfigured X displays (I know it is not rare, but...), second it is somewhat hard to make a daemon which periodically checks if there is a Netscape running on a given machine, and third this is not discrete : unless iconized, the Netscape window shows what it is doing. I gave up after several *weeks* of trial (was attempting to make him a surprise)... Sincerely, there are much easier ways to exploit misconfigured X displays, the simplest being a Trojan horse imitating an Xdm login prompt. > The Windows and Mac versions also have their own remote control but I'll > leave someone else to look at them... [snip] > Er, unfortunately enough they don't listen to the network in any way : only X has this network-transparent inter-client communications feature (or W95, perhaps ?) -- Dominique Quatravaux Dominique.Quatravaux@ens.fr