- From: <bry@itnisk.com>
- Date: Fri, 30 Apr 2004 05:58:17 -0400 (EDT)
- To: public-rdf-in-xhtml-tf@w3.org
In the GRDDL note it states under Security Considerations it states: "Implementors should pay special attention to the security implications of any media types that can cause the remote execution of any actions in the recipient's environment. In such cases, the discussion of the "application/postscript" type may serve as a model for considering other media types with remote execution capabilities. Given the expressive power of XSLT, and the possibility to access external resources from a XSLT style sheet (e.g. through the document function or the xsl:import mechanism), implementors should take the appropriate measures to prevent malicious usage of this mechanism." This seems to ignore the most dangerous aspect of the technique outline, that is to say an xsl-t that uses extension functions that then calls objects on the server. I'm not exactly sure anyhow what appropriate security measures the implementor should take, is it being suggested that all stylesheets used in this manner should be processed through first to make sure that there are no xsl:imports, xsl:includes, uses of the document function, extension functions, and so forth? Given that the model for xsl-t usage is a black box this seems to be a difficult to manage process.
Received on Friday, 30 April 2004 07:10:52 UTC