Bugtraq mailing list archives

Re: Netscape Communicator 4.5 can read local files


From: haddock () UDEL EDU (Terence Christopher Haddock)
Date: Wed, 25 Nov 1998 14:22:12 -0500


        Ben Collins's file contains the text "this is really stupid.". He's
running a UNIX version of Netscape, so I had to modify the script.
Unfortunately, the following does not work under both UNIX and Windows:

sl=window.open("wysiwyg://1/file://");

        It works under UNIX, but not under Windows. A simple check of the
OS would take care of the distinction, however, so that wouldn't slow any
would-be hackers down. Also, if they know their target, then they know
what kind of OS they're dealing with.

Sincerely,
Terence C. Haddock
University of Delaware

On Wed, 25 Nov 1998, Ben Collins wrote:

I would just like to say that I find it hard to believe so much fuss has
been made about this. It is clear that this is only a local 'trick' to
look like it has gotten info. There used to be earlier versions of this
where ppl would make a link to file:///C|/ and say they had your hard drive
contents on their webpage, and now that java/javascript is involved
everyone is freaking out over the same thing just done a little more
elaborately.

If someone here can set up a webpage, send me the URL, have that page read
the file '/test.txt' from my hard drive and then that person send the
contents to this list, I will believe. Otherwise I think this whole
hysteria over 'unforeseen' dangers should stop.

--
-----    -- - -------- --------- ----  -------  -----  - - ---   --------
Ben Collins <b.m.collins () larc nasa gov>                  Debian GNU/Linux
UnixGroup Admin - Jordan Systems Inc.                 bcollins () debian org
------ -- ----- - - -------   ------- -- The Choice of the GNU Generation



