Date: Tue, 26 Sep 1995 12:59:54 -0700 From: Alan Olsen <alano@teleport.com> You also need X windows to find the Mozilla animated icon hack on Jammie Zawinski's page. ^^^^^^ Just for the record, that's Jamie. obNetscapeHack: There is a feature called a "cookie file" in Netscape that is ripe for exploitation as a security leak. If you are using a Netscape server (and you may not even need that), you can feed all sorts of information into it without the user's knowlege. I have heard of one page that overloads the cookie file until the machine runs out of drive space. I am sure that there are other exploitable holes there... Any takers? Yikes! That sounds really bad. Do you have any more information on this? For example, can the server write to anything other than $HOME/.netscape-cookies? If I write protect that file, but it's still owned by me, will Netscape still modify it? -- Rick Busdiecker Please do not send electronic junk mail! net: rfb@lehman.com or rfb@cmu.edu PGP Public Key: 0xDBD9994D www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html send mail, subject "send index" for mailbot info, "send pgp key" gets my key A `hacker' is one who writes code. Breaking into systems is `cracking'.