GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Cecilia Mjausson Huster (mjausson@mastodon.design)'s status on Saturday, 08-Apr-2023 07:06:41 JST Cecilia Mjausson Huster Cecilia Mjausson Huster
    • Thomas 🔭🕹️

    @thomasfuchs But a security fix that causes websites to run arbitrary code sounds bad. Is there a negation missing?

    In conversation Saturday, 08-Apr-2023 07:06:41 JST from mastodon.design permalink
    • Embed this notice
      SpaceLifeForm (spacelifeform@infosec.exchange)'s status on Saturday, 08-Apr-2023 07:06:51 JST SpaceLifeForm SpaceLifeForm
      • Thomas 🔭🕹️

      @thomasfuchs

      You mean a malicious HTML attack exists, right?

      In conversation Saturday, 08-Apr-2023 07:06:51 JST permalink
    • Embed this notice
      SpaceLifeForm (spacelifeform@infosec.exchange)'s status on Saturday, 08-Apr-2023 09:42:26 JST SpaceLifeForm SpaceLifeForm
      • Thomas 🔭🕹️

      @thomasfuchs

      What I was inferring, and did not spell it out, is that it not the really the fault of the client, but must be malicious websites.

      If the client side can cause the server to execute arbitrary code, then that is a bigger problem.

      Because bad actors would never update their attacking platform.

      In conversation Saturday, 08-Apr-2023 09:42:26 JST permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.