Re: last calling WebDAV mounting spec, was I-D ACTION:draft-reschke-webdav-mount-01.txt

> Funny enough, supporting the Webfolder client actually was an  
> afterthought, and both other current client implementations fall  
> into the filesystem category.
>
> And, as a matter of fact, both implementors asked for the ability  
> to also <open> files, so that they can be directly edited.
>
> The problem here is a security risk, mentioned in <http:// 
> greenbytes.de/tech/webdav/draft-reschke-webdav-mount- 
> latest.html#security.considerations>: if a client just maps the  
> WebDAV server to a filesystem, and translates <open> requests into  
> whatever the system's shell does on double-click, this introduces a  
> huge security hole: a malevolent could simply send a <open> request  
> for an executable file, and the client would then potentially open  
> (= execute) it without any additional confirmation by the user.
>
> I'm not saying that this issue can't be dealt with, but at this  
> stage I preferred to err on the side of security. If people feel  
> the spec should allow <open> on non-collection, please try to come  
> up with a spec text that can address this concern.

I dunno -- it doesn't seem reasonable that the default mapping of GET  
to an executable resource would be to execute a binary. For example,  
this isn't the case with Apache.

- Jim

Received on Monday, 26 September 2005 19:50:30 UTC