[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-bugs] unhandled exception in report plugin querying ref.pape

From: Karsten Hilbert
Subject: Re: [Gnumed-bugs] unhandled exception in report plugin querying ref.paperwork_templates
Date: Sun, 24 Jul 2011 19:42:36 +0200
User-agent: Mutt/1.5.21 (2010-09-15)

On Sun, Jul 24, 2011 at 09:14:42AM -0700, Jim Busser wrote:

> > However, this log points out
> > 
> > 1) one more way to protect the report generator from "malicious"
> >   queries
> Can you envision a use-case for purposeful attempts at unhandled exceptions 
> where a perpetrator is aiming to achieve something unauthorized?

- exploit a file system bug to hijack the location
  where exception logs are stored
- run a query that throws an exception
- the client auto-switches to debug mode
- pilfer the log(s) for useful information

By "malicious" I meant to say "queries that except the client".

> > 2) one more way to protect the list widget tooltip generator
> >   from excepting the client on unusual circumstances.
> list widget tooltip generator = report generator plugin ?

No: = 

GPG key ID E4071346 @
E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346

reply via email to

[Prev in Thread] Current Thread [Next in Thread]