- From: Rui Lopes <rlopes@di.fc.ul.pt>
- Date: Fri, 14 Dec 2007 11:38:26 +0000
- To: public-xml-processing-model-wg@w3.org
- Message-ID: <47626B32.7060009@di.fc.ul.pt>
Norm, Norm, I think it is ok, although we may consider extending err:XD0021 to cope with execution stuff, not just resource access. Furthermore, is it ok to add a paragraph about the inherent extensibility of standard steps (p:xslt and p:xquery)? Something along the lines of putting the responsibility on implementors that they should not overlook the implicit security considerations of these steps. Cheers, Rui Norman Walsh wrote: > Are you satisfied with the new Security Considerations section? > > / Rui Lopes <rlopes@di.fc.ul.pt> was heard to say: > | More dangerous than p:load, p:store or p:http-request, the p:exec is > | prone to abuse, especially on importing externally-defined pipeline > | libraries. > | > | We should say something about it either in Section 2.9 (Security > | Considerations), or in the step declaration (7.2.1). > | > | p:xslt has the same problem, as some XSLT implementations (e.g., > | Saxon) afford embedding and executing arbitrary Java methods. > | > | p:xquery might be prone to the same issue. > | > | Cheers, > | Rui > | > | -- > | > | +---------------------------------------------------------------------------------------+ > | | Rui Lopes <rlopes@di.fc.ul.pt> Work: +351217500532 | > | | Researcher/PhD Student Cell: +351967504370 | > | | Faculty of Sciences, University of Lisbon; LaSIGE Research Lab Fax: +351217500533 | > | | Portugal | > | +---------------------------------------------------------------------------------------+ > > Be seeing you, > norm >
Received on Friday, 14 December 2007 11:38:41 UTC