Re: AppleScript & HTML Again...
Re: AppleScript & HTML Again...
- Subject: Re: AppleScript & HTML Again...
- From: Rob Jorgensen <email@hidden>
- Date: Mon, 29 Mar 2004 09:49:40 -0500
At 6:50 AM -0600 3/29/04, John C. Welch wrote:
Actually, a porn storm is a pretty decent example of a DOS attack. It keeps
you from using your web browser in the way you want. If you use ML to open
ever application in the Apple defaults on a machine, then that's a DOS
attack, and a pretty good one.
So does Apple's file protocol provide the same opportunity to achieve
a DOS attack? For instance, when using Safari, the following opens a
Finder window on my machine:
file:///
I suspect that someone could embed JavaScript code that could
traverse the typical OS X folder hierarchy and open a window for
hundreds or thousands of folders. If so, I also suspect that the
potential exists to overload the Finder, and maybe Safari, as the JS
code attempts to perform its task. If this is a viable way to execute
a DOS attack, should we modify the local behavior of the file
protocol on our machines?
I simply hope to help Peter with ML and I'm trying to determine the
level of paranoia that it can address without becoming useless. I'd
certainly hate for it to be tagged as "Weakest Link".
-- Rob
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.