This is the mail archive of the xsl-list@mulberrytech.com mailing list.



xsl 1.1 security model?


There's an interesting problem with xslt 1.1 client-side security.

Two of the main features are the document and script elements.

I think that the spec should say something about user-agents having the
ability to disable xsl:script (for anything except XSLT, of course).
 
And I think we should consider the implications of a non-script feature
which allows the transform to [a] write, say, a destructive shell file
to disk, and [b] update startup.cmd or whatever so that the file gets
called next time the machine reboots.
 
From a security point of view, I want to treat XML files as data not
code. I particularly don't want justifiably paranoid firewall admins all
over the net blocking *.xsl? files at the http, ftp and email firewalls.

Perhaps we could discuss which features should be enabled by default,
and whether they should be by default disabled for automatically invoked
stylesheets from external machines, or from any machine, or what? 

Francis.

 XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list
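
A user agent or gateway can approximate the opt-out discussed in the message above by checking a stylesheet before it is handed to the processor. This is an added example, not part of the original message or of any XSLT processor; the function names, the "local"/"external" origin labels and the sample stylesheets are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

XSLT_NS = "http://www.w3.org/1999/XSL/Transform"
# The two XSLT 1.1 features named in the message: script and document.
RISKY = {"script", "document"}

def risky_instructions(stylesheet_text):
    """Return the sorted names of xsl:script / xsl:document elements found.
    Matching is on the namespace URI, so the prefix used does not matter."""
    found = set()
    for el in ET.fromstring(stylesheet_text).iter():
        if el.tag.startswith("{" + XSLT_NS + "}"):
            local = el.tag.split("}", 1)[1]
            if local in RISKY:
                found.add("xsl:" + local)
    return sorted(found)

def allow_stylesheet(stylesheet_text, origin):
    """Hypothetical policy: a 'local' stylesheet may use every feature; an
    'external' one (automatically invoked, fetched from another machine)
    is refused when it contains xsl:script or xsl:document."""
    if origin == "local":
        return True, []
    hits = risky_instructions(stylesheet_text)
    return (not hits), hits

# Constructed sample stylesheets (not taken from the message).
BENIGN = """<xsl:stylesheet version="1.1"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
  <xsl:template match="/"><out><xsl:value-of select="."/></out></xsl:template>
</xsl:stylesheet>"""

WRITES_FILE = """<xsl:stylesheet version="1.1"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
  <xsl:template match="/">
    <xsl:document href="extra-output.txt">placeholder</xsl:document>
  </xsl:template>
</xsl:stylesheet>"""

# Same namespace bound to a different prefix: still detected.
SCRIPTED = """<t:stylesheet version="1.1"
    xmlns:t="http://www.w3.org/1999/XSL/Transform">
  <t:script language="ecmascript"/>
</t:stylesheet>"""

if __name__ == "__main__":
    for name, text in [("benign", BENIGN), ("writes", WRITES_FILE), ("scripted", SCRIPTED)]:
        print(name, allow_stylesheet(text, "external"))
```

The check covers only the text it is given, so stylesheets pulled in through xsl:import or xsl:include need the same check, and it complements rather than replaces disabling the features in the processor itself.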

