[closed] Re: Security considerations: p:exec et al. from Norman Walsh on 2007-12-14 (public-xml-processing-model-wg@w3.org from December 2007)

From: Norman Walsh <ndw@nwalsh.com>
Date: Fri, 14 Dec 2007 08:30:42 -0500
To: public-xml-processing-model-wg@w3.org
Message-ID: <m2d4t9iet9.fsf_-_@nwalsh.com>

/ Rui Lopes <rlopes@di.fc.ul.pt> was heard to say:
| I think it is ok, although we may consider extending err:XD0021 to
| cope with execution stuff, not just resource access.
|
| Furthermore, is it ok to add a paragraph about the inherent
| extensibility of standard steps (p:xslt and p:xquery)? Something along
| the lines of putting the responsibility on implementors that they
| should not overlook the implicit security considerations of these
| steps.

Done.

                                        Be seeing you,
                                          norm

-- 
Norman Walsh <ndw@nwalsh.com> | It is seldom that any liberty is lost
http://nwalsh.com/            | all at once.--David Hume

Received on Friday, 14 December 2007 13:30:56 UTC