Rev as server immune to buffer overflow?
Richard Gaskin
ambassador at fourthworld.com
Fri Apr 22 14:13:43 EDT 2005
MisterX wrote:
> I wouldn't be concerned with them as much as securing a transaction protocol
> before doing any net negotiation... Or making a secure registration protocol
> for securing your software. Etc, etc...
>
> Beware there's a zillion more security holes worse than those. I know a lot
> in Rev but hell im gonna tell ya! Just today, we just got some free tickets
> to a race in zolder.be through a stupid web-form where you could add your
> name to print the ticket in the url ;)) Just an example...
The web form was made in Rev?
All OSes and protocols have security exposures which will affect any
software using them.
But if you know of security exposures *unique to Rev* I agree that it
would be counter-productive to publish them, but perhaps equally
counter-productive to not report them to rev. Given the potential
sensitivity of such issue I'm sure Kevin wouldn't mind a personal email
rather than a public Bugzilla report: kevin at runrev.com
--
Richard Gaskin
Fourth World Media Corporation
__________________________________________________
Rev tools and more: http://www.fourthworld.com/rev
More information about the use-livecode
mailing list