W3C home > Mailing lists > Public > www-rdf-interest@w3.org > February 2005

Re: .rdf file extension security?

From: Charles McCathieNevile <charles@sidar.org>
Date: Tue, 01 Feb 2005 05:16:49 +0100
To: "Phil Archer" <phil.archer@icra.org>, www-rdf-interest@w3.org
Message-ID: <opslh3ibi6w5l938@saturne>

On Mon, 31 Jan 2005 22:13:32 -0000, Phil Archer <phil.archer@icra.org>  
wrote:

> Is there a security issue (real or perceived) around .rdf? Or is it just  
> that the good folk at Geocities/Yahoo/BT haven't added .rdf to the list 
> of allowed file types?

I suspect the latter case. If you have real RDF it is pretty difficult to  
include a security risk (although of course any file with any ending on  
its name can carry something unpleasant...)

>  A Windows server I did manage to upload a .rdf file to then wouldn't  
> serve it back under default settings.

Hmmm. If you have to configure a windows server before it gets around to  
handing back data you give it. Which seems a wierd design choice.  
Otherwise, as already noted, it might just e served with a MIME type that  
results in no software having a sensible indication of how to handle it.

cheers

-- 
Charles McCathieNevile                 Fundacion Sidar
charles@sidar.org                      http://www.sidar.org
Received on Tuesday, 1 February 2005 04:23:34 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:52:13 GMT