tahoe-lafs/tahoe-lafs
tahoe-lafs
/
tahoe-lafs
2
0
Fork 0
Code Issues Pull Requests 23 Packages Projects Releases 1 Wiki Activity

Strengthen description of unauthorized access attack in known_issues.rst.

This commit is contained in:
david-sarah 2011-11-18 00:00:30 +00:00
parent 990f294eea
commit 891069c245
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/known_issues.rst
View File

@ -26,13 +26,13 @@ Known Issues in Tahoe-LAFS v1.9.0, released 31-Oct-2011
---- ----
Potential unauthorized access by JavaScript in unrelated files Unauthorized access by JavaScript in unrelated files
-------------------------------------------------------------- --------------------------------------------------------------
If you view a file stored in Tahoe-LAFS through a web user interface, If you view a file stored in Tahoe-LAFS through a web user interface,
JavaScript embedded in that file might be able to access other files or JavaScript embedded in that file can, in some circumstances, access other
directories stored in Tahoe-LAFS which you view through the same web files or directories stored in Tahoe-LAFS that you view through the same
user interface. Such a script would be able to send the contents of web user interface. Such a script would be able to send the contents of
those other files or directories to the author of the script, and if you those other files or directories to the author of the script, and if you
have the ability to modify the contents of those files or directories, have the ability to modify the contents of those files or directories,
then that script could modify or delete those files or directories. then that script could modify or delete those files or directories.