Mr. Anonymous has a good reason to be anonymous -- he's an annoying
Perhaps.
fool.
I don't agree.
Yes, Mr. Anonymous, we all know postscript is dangerous. Thank you for this stunning revelation. We've read the IETF documents before, and some of us even helped write them.
Then you should support his point which is valid.
anonymous-remailer@shell.portal.com writes:
Clearly, someone has a vested interest which they are expending a great deal of effort to protect. My email to Netscape detailing their logic bomb has gone unanswered, and unacknowledged for ten days now.
Maybe because you're an idiot and they don't feel that its necessary to answer. What more need be said?
Being insulting and calling people names benefits nobody.
Those of us who care run our postscript interpreters with all the dangerous commands stripped out, but given that Netscape doesn't supply postscript interpreters, its not really their fault or problem.
I strongly disagree. If Netscape provided a way to execute shell commands on your host from a remote computer, it would certainly be a hole created by their product. The fact that the default shell is potentially dangerous means it's incumbant on those who provide access to it to provide adequate protection. If Netscape wants to claim their product doesn't degrade security, they should provide a safe postscript interpreter or not provide hooks to unsafe ones. -- -> See: Info-Sec Heaven at URL http://all.net Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236