W3C home > Mailing lists > Public > public-xml-processing-model-wg@w3.org > December 2007

Re: Security considerations: p:exec et al.

From: Norman Walsh <ndw@nwalsh.com>
Date: Thu, 13 Dec 2007 16:00:32 -0500
To: public-xml-processing-model-wg@w3.org
Message-ID: <m2wsri9uof.fsf@nwalsh.com>
Are you satisfied with the new Security Considerations section?

/ Rui Lopes <rlopes@di.fc.ul.pt> was heard to say:
| More dangerous than p:load, p:store or p:http-request, the p:exec is
| prone to abuse, especially on importing externally-defined pipeline
| libraries.
|
| We should say something about it either in Section 2.9 (Security
| Considerations), or in the step declaration (7.2.1).
|
| p:xslt has the same problem, as some XSLT implementations (e.g.,
| Saxon) afford embedding and executing arbitrary Java methods.
|
| p:xquery might be prone to the same issue.
|
| Cheers,
| Rui
|
| -- 
|
| +---------------------------------------------------------------------------------------+
| | Rui Lopes <rlopes@di.fc.ul.pt>                                    Work: +351217500532 |
| | Researcher/PhD Student                                            Cell: +351967504370 |
| | Faculty of Sciences, University of Lisbon; LaSIGE Research Lab    Fax:  +351217500533 |
| | Portugal                                                                              |
| +---------------------------------------------------------------------------------------+

                                        Be seeing you,
                                          norm

-- 
Norman Walsh <ndw@nwalsh.com> | Where it is permissible both to die and
http://nwalsh.com/            | not to die, it is an abuse of valour to
                              | die.-- Mencius

Received on Thursday, 13 December 2007 21:00:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:21:54 GMT