More dangerous than p:load, p:store or p:http-request, the p:exec is prone to abuse, especially on importing externally-defined pipeline libraries. We should say something about it either in Section 2.9 (Security Considerations), or in the step declaration (7.2.1).

p:xslt has the same problem, as some XSLT implementations (e.g., Saxon) afford embedding and executing arbitrary Java methods. p:xquery might be prone to the same issue.

Cheers,
Rui

Received on Friday, 30 November 2007 15:56:43 GMT
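One way to act on this concern before trusting an externally defined pipeline library, as an added example that is not part of the original message: a Python audit that lists every occurrence of the steps named above. The sample library, the function names `audit_pipeline` and `needs_review`, and the risk labels are constructed for illustration.

```python
import xml.etree.ElementTree as ET

XPROC_NS = "http://www.w3.org/ns/xproc"

# Steps named in the message, labelled with the concern raised for each
# (labels are this example's wording, not the specification's).
RISK = {
    "exec": "high: runs an external command",
    "xslt": "high: processor extensions may call host-language code",
    "xquery": "review: may share the p:xslt extension problem",
    "load": "io: reads a resource",
    "store": "io: writes a resource",
    "http-request": "io: network access",
}

# Constructed sample of an imported library; ex:exec is a non-XProc element
# that must not be flagged.
SAMPLE_LIBRARY = """\
<p:library xmlns:p="http://www.w3.org/ns/xproc"
           xmlns:ex="http://example.org/steps">
  <p:declare-step type="ex:format" name="fmt">
    <p:load name="cfg" href="config.xml"/>
    <p:xslt name="style"/>
    <p:exec name="post" command="some-tool"/>
  </p:declare-step>
  <ex:exec name="not-xproc"/>
</p:library>
"""

def audit_pipeline(xml_text, source="<inline>"):
    """Return (source, step, name, risk) for each flagged XProc step."""
    # For untrusted files, parse with a hardened parser such as defusedxml.
    root = ET.fromstring(xml_text)
    findings = []
    for elem in root.iter():
        if not isinstance(elem.tag, str) or not elem.tag.startswith("{"):
            continue  # skip non-element nodes and un-namespaced elements
        ns, local = elem.tag[1:].split("}", 1)
        if ns == XPROC_NS and local in RISK:
            findings.append((source, "p:" + local, elem.get("name"), RISK[local]))
    return findings

def needs_review(findings):
    """Keep only the steps that can lead to code execution."""
    return [f for f in findings if f[3].startswith(("high", "review"))]

if __name__ == "__main__":
    for finding in audit_pipeline(SAMPLE_LIBRARY, "sample-library.xpl"):
        print(*finding, sep="\t")
```

Matching on the namespace URI rather than the `p:` prefix keeps the check correct when a library binds the XProc namespace to a different prefix.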