Bugtraq mailing list archives
Re: Lotus Notes Stored Form Vulnerability
From: Tibor SZABO <szabo.tibor () LN MATAV HU>
Date: Tue, 27 Feb 2001 14:15:54 +0100
Isn't the ECL merely based on string matching of the signer rather than checking a certificate or an encrypted key? <<<<<<<<<<<<<<

The ECL elements are strings, but the execution control itself is based on digital signatures.

If somebody signs a piece of program code with a fake "Lotus Notes Template Development" ID (as someone mentioned earlier in this list), or signs a piece of code with any other fake ID whose name already has a corresponding Notes cross-certificate entry in your personal address book, then during the execution of this code your Notes client program warns you in a pop-up window that this signature is invalid, and you have the opportunity to abort_the_execution, execute_it_only_once or trust_signer. "Trust signer" allows the execution of ALL_unsigned_piece_of_code with this type of task in the future.

If a piece of code has a known signature ("known" means that it already has a corresponding Notes cross-certificate entry in your personal address book), then your Notes client performs the required task if it is allowed in the ECL for that name. If the execution of this type of task is not allowed, then you will be warned in a pop-up window, and you have the opportunity to abort_the_execution, execute_it_only_once or trust_signer.

If a piece of code has an unknown signature, your Notes client performs the required task only when the -default- entry in the ECL allows the execution. If this task is not allowed (for -default-), then you will be warned in a pop-up window, and you have the opportunity to abort_the_execution, execute_it_only_once or trust_signer. "Trust signer" allows ALL_piece_of_code_with_unknown_signature this type of task in the future.

If a piece of code has no signature at all, your Notes client performs the required task only when the -unsigned- entry in the ECL allows the execution. If this task is not allowed (for -unsigned-), then you will be warned in a pop-up window, and you have the opportunity to abort_the_execution, execute_it_only_once or trust_signer. "Trust signer" allows ALL_piece_of_code_without_signature this type of task in the future.

Allowing a function by ECL means that in the future you won't be warned when this type of task is to be executed. Of course you can revoke any permission at any time.

Tibike

ps: sorry for my bad English
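Read as a decision procedure, the post describes four signature states, three kinds of governing ECL entry (a named signer, -default-, -unsigned-) and a "Trust signer" answer that widens whichever entry governed the prompt. The Python model below is added here as an illustration of that procedure; it is not Lotus Notes code, and the ECL entry contents, the task name "file_access" and the signer name "Alice Example/Acme" are constructed. The one reading it fixes that the post leaves implicit is that a known signer's "Trust signer" answer lands in that signer's own entry.

```python
from dataclasses import dataclass
from enum import Enum, auto
from typing import Dict, Optional, Set

# The two catch-all ECL entries named in the post.
DEFAULT = "-default-"
UNSIGNED = "-unsigned-"


class Signature(Enum):
    """Signature state of a piece of code, as the post distinguishes them."""
    VALID_KNOWN = auto()     # verifies, and the signer has a cross-certificate entry
    INVALID = auto()         # does not verify (e.g. a fake ID reusing a known name)
    UNKNOWN_SIGNER = auto()  # verifies, but the signer is not in the address book
    NONE = auto()            # no signature at all


@dataclass(frozen=True)
class Code:
    label: str                    # constructed identifier for the piece of code
    task: str                     # the ECL task type it wants, e.g. "file_access"
    signature: Signature
    signer: Optional[str] = None  # name as it appears in the ECL, if any


# An ECL is modelled as: entry name -> set of task types that entry may perform.
ECL = Dict[str, Set[str]]


def governing_entry(code: Code) -> str:
    """The ECL entry that decides, and receives a 'Trust signer' grant for, this code."""
    if code.signature is Signature.VALID_KNOWN:
        assert code.signer is not None
        return code.signer  # assumption: a known signer's grant goes to its own entry
    if code.signature is Signature.UNKNOWN_SIGNER:
        return DEFAULT
    # A missing and an invalid signature both fall to -unsigned-: the post says
    # trusting an invalid signature grants ALL unsigned code that task.
    return UNSIGNED


def decide(ecl: ECL, code: Code) -> str:
    """Return 'execute' or 'prompt' for one attempted task."""
    if code.signature is Signature.INVALID:
        return "prompt"  # the post: an invalid signature always raises the warning
    if code.task in ecl.get(governing_entry(code), set()):
        return "execute"
    return "prompt"


def trust_signer(ecl: ECL, code: Code) -> str:
    """Model of answering 'Trust signer' at the prompt.

    The task is added to the governing entry, so the grant covers every future
    piece of code in the same bucket, not only the one that prompted.
    Returns the entry that was widened so a caller can log it.
    """
    entry = governing_entry(code)
    ecl.setdefault(entry, set()).add(code.task)
    return entry


def revoke(ecl: ECL, entry: str, task: str) -> None:
    """Undo a grant; the post notes any permission can be revoked later."""
    ecl.get(entry, set()).discard(task)


def widening_demo() -> Dict[str, str]:
    """Constructed scenario: trusting one unsigned macro opens the task to all unsigned code."""
    ecl: ECL = {"Alice Example/Acme": {"file_access"}, DEFAULT: set(), UNSIGNED: set()}
    first = Code("macro_a", "file_access", Signature.NONE)
    other = Code("macro_b", "file_access", Signature.NONE)
    before = decide(ecl, other)          # 'prompt': -unsigned- allows nothing yet
    widened = trust_signer(ecl, first)   # answer 'Trust signer' for macro_a
    after = decide(ecl, other)           # 'execute': macro_b rides on the same entry
    return {"before": before, "widened": widened, "after": after}


if __name__ == "__main__":
    print(widening_demo())
```

The `widened` value returned by `trust_signer` is the thing worth surfacing to a user or an audit log: it names the entry that now carries the grant, which for unsigned or unknown-signer code is a bucket rather than a person.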
Current thread:
- Lotus Notes Stored Form Vulnerability Chris Jones (Feb 10)
- Re: Lotus Notes Stored Form Vulnerability Derek Reynolds (Feb 10)
- <Possible follow-ups>
- Re: Lotus Notes Stored Form Vulnerability Felix Grushevsky (Feb 10)
- Re: Lotus Notes Stored Form Vulnerability Mikkel Heisterberg (Feb 12)
- Re: Lotus Notes Stored Form Vulnerability Security Advisory (Feb 12)
- Re: Lotus Notes Stored Form Vulnerability Security Advisory (Feb 15)
- Re: Lotus Notes Stored Form Vulnerability Chris Jones (Feb 19)
- Re: Lotus Notes Stored Form Vulnerability mark myers (Feb 21)
- Re: Lotus Notes Stored Form Vulnerability Katherine Spanbauer (Feb 26)
- Re: Lotus Notes Stored Form Vulnerability Tibor SZABO (Feb 27)