A few comments... Almost every non-trivial program which runs on a platform which does not shield the OS from applications can be subverted to give access to the target machine. This is hardly news. The fact that a determined Dane with a debugger managed to poke through the code and break something is neither earth-shattering nor remarkable. In something the size of Netscape, I'm sure 999,999 exploits still remain. The company is hardly going to start writing checks every time someone finds one of them. Until all application software runs on secure virtual machines, or passes bytecode verification and formal proofs of correctness, this problem will continue to exist, not only in Netscape, but in every other large application as well. Big Yawn. -- Mike Duvos $ PGP 2.6 Public Key available $ enoch@zipcon.net $ via Finger. $