Subject: Denial of Service Attacks From: James Clark <jjc@xxxxxxxxxx> Date: Mon, 19 May 1997 11:16:50 +0700 |
At 06:49 18/05/97 -0400, Paul Prescod wrote: >#1. Denial of Service Attacks: DSSSL scripts can go into infinite loops. >That could hang your computer in a bad implementation or slow it down in >a good one. This is one more hassle for browser vendors to worry about. >They've already got security problems up the wazoo. (so maybe they don't >mind another one? :) ) This is an interesting point. One solution might be for browsers to provide a configurable timeout for processing each node (I seem to remember PostScript printers have something like this). Don't browser vendors already have basicallly the same problem with HTML scripting? James DSSSList info and archive: http://www.mulberrytech.com/dsssl/dssslist
Current Thread |
---|
|
<- Previous | Index | Next -> |
---|---|---|
Re: SGML/XML syntax for DSSSL, Paul Prescod | Thread | Programmable or declarative stylesh, Paul Prescod |
SGML/XML syntax for DSSSL, James Clark | Date | </DSSSL standard as PDF from TeX>, Sebastian Rahtz |
Month |