W3C home > Mailing lists > Public > public-xml-processing-model-wg@w3.org > December 2007

[closed] Re: Security considerations: p:exec et al.

From: Norman Walsh <ndw@nwalsh.com>
Date: Fri, 14 Dec 2007 08:30:42 -0500
To: public-xml-processing-model-wg@w3.org
Message-ID: <m2d4t9iet9.fsf_-_@nwalsh.com>
/ Rui Lopes <rlopes@di.fc.ul.pt> was heard to say:
| I think it is ok, although we may consider extending err:XD0021 to
| cope with execution stuff, not just resource access.
|
| Furthermore, is it ok to add a paragraph about the inherent
| extensibility of standard steps (p:xslt and p:xquery)? Something along
| the lines of putting the responsibility on implementors that they
| should not overlook the implicit security considerations of these
| steps.

Done.

                                        Be seeing you,
                                          norm

-- 
Norman Walsh <ndw@nwalsh.com> | It is seldom that any liberty is lost
http://nwalsh.com/            | all at once.--David Hume

Received on Friday, 14 December 2007 13:30:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:21:54 GMT