[Previous] [Next] [Index]
[Thread]
Re: What's the deal ?
There was a security bug in a modified version of a browser used by a
company as part of their software distribution system. This effectively
had the shell registered as the mime handler for the shell content type.
Go figure.
This feature was discovered by a researcher here a few days after the product
was released and the company involved was informed. They stopped distribution
immediately.
I agree with Brian that certification of adherence to standards would be
a usefull role for W3C, but I would not wish to be liable for security
loopholes in someone else's product. Its bad enough having one's own
code to worry about.
Phill Hallam-Baker
Follow-Ups:
References: