- From: Harry Halpin <hhalpin@ibiblio.org>
- Date: Tue, 20 Mar 2007 23:44:45 -0400
- To: Elliotte Harold <elharo@macfaq.com>
- Cc: public-grddl-comments@w3.org
Eliotte,
Thanks so much for the comment. Working Group member Jeremy Carroll
believes this would address your comment. The particular operation we
had in mind was from XSLT2: xsl:result-document. Perhaps we should make
this more explicit.
The rewrite of this section was motivated by implementer feedback.
Particularly concerning test security in
http://jena.sourceforge.net/test/grddl/
which, with a little imagination, could be modified so that malicious
code took control of an overly trusting machine (by writing
appropriately to a key OS file). We are currently working on drafting a
more complete test-suite for GRDDL. Do you think this response addresses
your comment by itself, or
should we add a test for this directly to the test suite?
Elliotte Harold wrote:
>
> In section 8 I find:
>
> In particular, operations to read or write URLs are more safely
> executed with the privileges associated with an untrusted party,
> rather than the current user.
>
> I'm not sure what you're considering here with respect to the write
> half of this pair. Standard XSLT never writes any URL, and I wouldn't
> expect GRDDL to as a general rule. In other words, XSLT only GETs.
> never POSTs or PUTs.
>
> There are extensions to do this but you warn against them separately.
>
>
--
-harry
Harry Halpin, University of Edinburgh
http://www.ibiblio.org/hhalpin 6B522426
Received on Wednesday, 21 March 2007 03:44:51 UTC