cocoon-dev mailing list archives

From "Robert Koberg" <...@koberg.com>
Subject RE: [proposal] Doco
Date Mon, 27 Oct 2003 14:35:46 GMT


> -----Original Message-----
> From: Stefano Mazzocchi [mailto:stefano@apache.org]
> Sent: Monday, October 27, 2003 6:06 AM
> To: James Developers List
> Cc: dev@cocoon.apache.org; forrest-dev@xml.apache.org; lenya-dev@cocoon.apache.org
> 
> 
> On Sunday, Oct 26, 2003, at 23:33 Europe/Rome, Noel J. Bergman wrote:
> 
> >> He's not questioning whether it's encrypted.  His point is, doco sends
> >> an email to an address, and you respond.  It gives very little
> >> control,
> >> even if there is a compromise.
> >
> > AIUI, the proposed solution would allow "anyone" to edit content, and
> > contribute it as a "patch".  Content could include defacements,
> > changes to
> > .htaccess, and CGI scripts.
> 
> nah, dude, look: doco has a very precise editing access point. You can
> *ONLY* modify xml content. So, changes to .htaccess, CGI scripts,
> servlet upload, sql injection, cross-site-scripting, and your next
> favorite attack will NOT work because the system prevents it by design
> [not saying it cannot happen, but if it does it's a bug, not a faulty
> design]

FWIW, I agree. Perhaps the submit goes to a well-formedness check (or, even
better, schema/DTD validation?). If it fails, it doesn't even enter the
approval process. Perhaps a notification email is sent describing that an
invalid submittal was sent. The user is returned an error page saying the
post was rejected, in case it was just a mistake.

On another note, can images/PDFs/other-binaries be uploaded?

-Rob
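
The intake gate Rob sketches above (well-formedness first, then a schema-style check, and rejection before anything reaches the approval queue), written out as an added example. This is not code from the doco proposal, from Cocoon or from anyone on the thread; it is stdlib-only Python, the element allowlist stands in for a real DTD/schema and is a constructed assumption, and the sample submissions are constructed too. Because the submitter is untrusted, the parser also refuses DOCTYPE and entity declarations, so external entities and entity-expansion tricks are rejected at the same gate rather than handled later.

```python
"""Added example: an XML intake gate for user-submitted content.

Not the doco proposal's code. A submission must be well-formed and match a
small element/attribute allowlist (standing in for DTD/schema validation,
an assumption) before it may enter any approval queue.
"""
import xml.parsers.expat

# Constructed allowlist in place of a real schema (assumption).
ALLOWED_ROOT = "document"
ALLOWED_ELEMENTS = {"document", "title", "section", "p", "em", "a"}
ALLOWED_ATTRS = {"a": {"href"}}
MAX_BYTES = 256 * 1024


class Rejected(Exception):
    """Carries the short reason shown on the error page / in the notice."""


def _check(submission: bytes) -> None:
    if len(submission) > MAX_BYTES:
        raise Rejected("submission too large")

    parser = xml.parsers.expat.ParserCreate()
    seen_root = []

    # Untrusted input: no DOCTYPE, no entity declarations, no processing
    # instructions. Raising inside a handler aborts the parse.
    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise Rejected("DOCTYPE not allowed in submissions")

    def on_entity(*args):
        raise Rejected("entity declarations not allowed in submissions")

    def on_pi(target, data):
        raise Rejected("processing instructions not allowed in submissions")

    def on_start(name, attrs):
        if not seen_root:
            seen_root.append(name)
            if name != ALLOWED_ROOT:
                raise Rejected(f"root element must be <{ALLOWED_ROOT}>")
        if name not in ALLOWED_ELEMENTS:
            raise Rejected(f"element <{name}> not allowed")
        extra = set(attrs) - ALLOWED_ATTRS.get(name, set())
        if extra:
            raise Rejected(f"attribute(s) {sorted(extra)} not allowed on <{name}>")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.ProcessingInstructionHandler = on_pi
    parser.StartElementHandler = on_start

    try:
        parser.Parse(submission, True)
    except xml.parsers.expat.ExpatError as exc:
        raise Rejected(f"not well-formed: {exc}") from exc


def validate_submission(submission: bytes) -> tuple:
    """Return (accepted, reason). Only accepted submissions are queued for review;
    the reason is what the rejection page and the notification would say."""
    try:
        _check(submission)
    except Rejected as exc:
        return False, str(exc)
    return True, "ok"


# Constructed sample submissions.
GOOD = b"<document><title>Hi</title><section><p>text <em>x</em></p></section></document>"
MALFORMED = b"<document><title>Hi</document>"
DOCTYPE = b'<!DOCTYPE document [<!ENTITY e SYSTEM "http://example.invalid/x">]><document>&e;</document>'
BAD_ELEMENT = b"<document><script>alert(1)</script></document>"
BAD_ATTR = b'<document><p onclick="x">hi</p></document>'

if __name__ == "__main__":
    for label, sample in [("good", GOOD), ("malformed", MALFORMED),
                          ("doctype", DOCTYPE), ("bad element", BAD_ELEMENT),
                          ("bad attribute", BAD_ATTR)]:
        print(label, validate_submission(sample))
```

Only the first tuple element decides whether the submission goes to the reviewers; everything else (rejection page, notification mail) is driven by the reason string, which is deliberately short and never echoes the submitted bytes back into a page.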

