Re: upgrade to rawhide report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, 2004-08-23 at 23:23, Colin Walters wrote:
> On Mon, 2004-08-23 at 22:15 +0200, Nils Philippsen wrote:
> 
> > To get back to your example, not every
> > company may have the will, foresight or resources to install a second
> > LAN just for external people.
> 
> Sure.  I don't think we can handle every possible case with zero
> configuration.  But the point is to try very hard to handle as much of
> it as possible.

Of course, contrary to how my posts may have sounded like I really
appreciate if there are automatisms for these sane, common cases.

> > Actually I think that displaying browser errors in a web page isn't such
> > a good idea, even if IE does it ;-). 
> 
> I'm not saying that because IE does it it's a good idea, but rather it
> is a good idea that IE happens to do.  The error page is a lot less
> intrusive than a dialog (even if we fixed the bug where a "host not
> found" dialog blocks the entire browser mainloop, it's still nicer to
> have an error in the place of origin), and is able to provide a lot more
> information.

See below on why I disagree.

> > Any error detected in the browser
> > should be distinguishable as such, 
> 
> Why is that?

Other than the usual power user's whine of me, having it as a web page
may have potential security implications -- if there are holes found in
the browser, we might have people trying to exploit the fact that this
error is displayed as a web page, i.e. phishing, e.g. directing people
to other web pages that look more or less exactly like this, the "please
change your proxy setting" which would of course be a proxy under their
control. Think of current IE or Opera URL line exploits.

In evolution you have to click on a button to verify a PGP signature so
people can't design an HTML mail that only looks like the PGP signature
has been verified. And that is good.

Nils
-- 
     Nils Philippsen    /    Red Hat    /    nphilipp@xxxxxxxxxx
"They that can give up essential liberty to obtain a little temporary
 safety deserve neither liberty nor safety."     -- B. Franklin, 1759
 PGP fingerprint:  C4A8 9474 5C4C ADE3 2B8F  656D 47D8 9B65 6951 3011

Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux