Archive of UserLand's first discussion group, started October 5, 1998.

Re: Scripting and Hacking

Author:Mark J. Gardner
Posted:2/4/2000; 5:13:19 PM
Topic:scriptingNews outline for 2/4/00
Msg #:14930 (In response to 14915)
Prev/Next:14929 / 14931

I wrote the following email to Paul Festa, author of the News.Com article "Hacking hazards come with Web scripting territory". It's pretty self-explanatory, I hope.

Paul:

Your story on News.Com, "Hacking hazards come with Web scripting territory", uses the last paragraph to list some scripting languages other than JavaScript. An otherwise uninformed reader might mistakenly take it to mean that those languages, and perhaps others, enable security problems such as those described earlier in the article.

In fact, HTMLScript (also known as Miva Script) and Perl are usually found only on web servers, and as such are not vulnerable to the security problems described. CGI is merely an interface standard for web servers to use tools such as scripting languages, and isn't a language itself. AppleScript, while found on many Macintosh computers, is to the best of my knowledge not accessible to browser- or email-based security exploits.

I ask that you please publish a correction or clarification for this article, so that these technologies do not suffer any "guilt by association" in the minds of the decision-makers that read your site.

Thank you.

P.S.: The article didn't mention UserTalk -- I'm not sure whether Frontier shops should consider that a blessing or a curse. :-/




This page was archived on 6/13/2001; 4:54:16 PM.

© Copyright 1998-2001 UserLand Software, Inc.