WebApp Sec mailing list archives

RE: [WEB SECURITY] Fundamental error in Corsaire's paper?


From: "Armag" <armag666 () mailhaven com>
Date: Fri, 28 Apr 2006 11:58:52 -0700


On Fri, 28 Apr 2006 21:01:34 +0200, "Amit Klein (AKsecurity)"
<aksecurity () hotpop com> said:
On 28 Apr 2006 at 17:50, Martin O'Neal wrote:


Hmmmm... - not too common, so it seems.

Well, MS often tend to be the spanner in the ointment when it comes to
standards compliance, but even if you accept all of those MS vagaries,
this is still counter evidence to the blanket "There is no such thing as
path security" statement.  Granted, the practical worth of it today
(with the browser issues in evidence) is limited. ;)


OK, if that's the counter example, I can live with it ;-)


What is the final verdict, the original topic of this thread? 
The Corsaire article - is there a fundamental error in the
recommendation part of it?
-- 
  Armag
  armag666 () mailhaven com
