Re: Smolt: firsboot revisited

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Once upon a time Thursday 15 February 2007, Arthur Pemberton wrote:
> On 2/15/07, R P Herrold <herrold@xxxxxxxxxxxx> wrote:
> > On Thu, 15 Feb 2007, Dennis Gilmore wrote:
> > > Did you look at the code like i asked last time ?  IP's are
> > > not collected. the data is transmitted by post so there is
> > > is no way to tie a UUID to an ip
> >
> > ummm ... don't be silly -- it is trivial to associate an
> > originating IP to a POST
> >
> > This test widget at http://www.herrold.com/post/ has this
> > HTML code to the client:
> >
> > <form method="post">
> > Digits only please: <input type="text" name="acme"><br>
> > <input type="submit" name="show" value="show">
> > </form>
> >
> > and reveals the REMOTE_ADDR quite readily.
> >
> > The source PHP may be viewed at:
> >
> > http://www.herrold.com/post/index.phps
> >
> > -- Russ Herrold
>
> I have to agree with this. Not that I think that this is specifically
> a problem. But it was false to imply that an HTTP Post is immune to IP
> harvesting.
sure it could be done  if smolt was coded to do so  but if it was in a GET  it 
would be in the logs.



Attachment: pgpSQpvU8tqF8.pgp
Description: PGP signature

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux