From: david-sarah Date: Fri, 18 Nov 2011 00:00:30 +0000 (+0000) Subject: Strengthen description of unauthorized access attack in known_issues.rst. X-Git-Url: https://git.rkrishnan.org/specifications/%5B/%5D%20//%22%22?a=commitdiff_plain;h=891069c2456e87e384a67c83c917191d6579535b;p=tahoe-lafs%2Ftahoe-lafs.git Strengthen description of unauthorized access attack in known_issues.rst. --- diff --git a/docs/known_issues.rst b/docs/known_issues.rst index 441df80f..386ab88d 100644 --- a/docs/known_issues.rst +++ b/docs/known_issues.rst @@ -26,13 +26,13 @@ Known Issues in Tahoe-LAFS v1.9.0, released 31-Oct-2011 ---- -Potential unauthorized access by JavaScript in unrelated files +Unauthorized access by JavaScript in unrelated files -------------------------------------------------------------- If you view a file stored in Tahoe-LAFS through a web user interface, -JavaScript embedded in that file might be able to access other files or -directories stored in Tahoe-LAFS which you view through the same web -user interface. Such a script would be able to send the contents of +JavaScript embedded in that file can, in some circumstances, access other +files or directories stored in Tahoe-LAFS that you view through the same +web user interface. Such a script would be able to send the contents of those other files or directories to the author of the script, and if you have the ability to modify the contents of those files or directories, then that script could modify or delete those files or directories.