[NOISE] Re: Easter Eggs
Rick Busdiecker
rfb at lehman.com
Wed Sep 27 06:36:36 PDT 1995
Date: Tue, 26 Sep 1995 12:59:54 -0700
From: Alan Olsen <alano at teleport.com>
You also need X windows to find the Mozilla animated icon hack on
Jammie Zawinski's page.
^^^^^^
Just for the record, that's Jamie.
obNetscapeHack: There is a feature called a "cookie file" in
Netscape that is ripe for exploitation as a security leak. If you
are using a Netscape server (and you may not even need that), you
can feed all sorts of information into it without the user's
knowlege. I have heard of one page that overloads the cookie file
until the machine runs out of drive space. I am sure that there
are other exploitable holes there... Any takers?
Yikes! That sounds really bad. Do you have any more information on
this? For example, can the server write to anything other than
$HOME/.netscape-cookies? If I write protect that file, but it's still
owned by me, will Netscape still modify it?
--
Rick Busdiecker Please do not send electronic junk mail!
net: rfb at lehman.com or rfb at cmu.edu PGP Public Key: 0xDBD9994D
www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code. Breaking into systems is `cracking'.
More information about the Testlist
mailing list