[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Lynx-dev] Possible more elegant fix for Lynx vulnerability?

From: Thomas Dickey
Subject: Re: [Lynx-dev] Possible more elegant fix for Lynx vulnerability?
Date: Tue, 13 Oct 2020 14:51:24 -0400
User-agent: NeoMutt/20170113 (1.7.2)

On Tue, Oct 13, 2020 at 06:49:51AM -0500, Naveen Albert via Lynx-dev wrote:
> Hello,
>    I've written up a whitepaper about a vulnerability with default Lynx
> configurations that could allow anonymous users potentially privilege
> escalate and compromise a machine:

There's no new information presented there.

It's concerned with kiosk mode -- which no one appears to have used for
a while -- without presenting an example of where it's actually used.

Whether the default configuration for kiosk mode is suitable is a
different matter.  The paper gives no indication that any of that was
taken into account, either.  It certainly gives the impression that the
author is unaware of how to configure lynx for kiosk mode.

The manual page is a good place to start for that information.

Thomas E. Dickey <>

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]