1996-04-30 - RE: www.WhosWhere.com selling access to my employer’s passwd file

Header Data

From: Blake Coverett <blake@bcdev.com>
To: “‘jsw@netscape.com>
Message Hash: 3d556db5616045a6f37319216b4caf49d8355d06cbd17051967c1d5bbb1d16f7
Message ID: <01BB35ED.7BA25CA0@bcdev.com>
Reply To: N/A
UTC Datetime: 1996-04-30 05:40:15 UTC
Raw Date: Tue, 30 Apr 1996 13:40:15 +0800

Raw message

From: Blake Coverett <blake@bcdev.com>
Date: Tue, 30 Apr 1996 13:40:15 +0800
To: "'jsw@netscape.com>
Subject: RE: www.WhosWhere.com selling access to my employer's passwd file
Message-ID: <01BB35ED.7BA25CA0@bcdev.com>
MIME-Version: 1.0
Content-Type: text/plain


>   We go to great pains to keep from revealing your e-mail address to
> a web site.  Several of the fixes in 2.01 were for these sorts of problems.
> Given a current version of Netscape Navigator, how would a spam-king
> steal your e-mail address from his web page?

I just noticed an attack vector that I wasn't aware of previously.  If the browser
is running with CLASSPATH set to include the JDK classes.zip applets are
suddenly able to enumerate all the system properties.
On my system user.name is set to '?', but user.dir and user.home are both
available.

This isn't a huge exposure, but it is unsettling.

-Blake (off to poke around further)






Thread