[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: SOAP, plague, love
On Fri, 5 May 2000, Dave Winer wrote: > Not running an HTTP server? Then you'll never get one. So, all new Red Hat linux installations will though. (I know that's Red Hat's fault - but the ILOVEYOU virus is MS's fault - but blame doesn't stop it spreading). > Can a firewall administrator block SOAP and XML-RPC messages? Absolutely. Not easily with Linux ipchains firewalls. We're talking 30% of the world's web servers here. As for XML-RPC being only as inherently insecure as CGI's, well that may be true. But we're still discovering wierd security issues with CGI's that even careful CGI writers have been bitten by (XSS). I await with interest the XML-RPC/SOAP cert advisories ;-) While I do mean that humorously (I hope it never happens) let's not be naive here. XML-RPC is something new. So was Javascript, and it was also designed to be secure from the outset. So was Java. All had (have) security bugs. -- <Matt/> Fastnet Software Ltd. High Performance Web Specialists Providing mod_perl, XML, Sybase and Oracle solutions Email for training and consultancy availability. http://sergeant.org http://xml.sergeant.org *************************************************************************** This is xml-dev, the mailing list for XML developers. To unsubscribe, mailto:majordomo@x...&BODY=unsubscribe%20xml-dev List archives are available at http://xml.org/archives/xml-dev/ ***************************************************************************
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|