From owner-freebsd-gnome  Fri Nov 22  9:18: 8 2002
Delivered-To: freebsd-gnome@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3A43D37B401; Fri, 22 Nov 2002 09:18:07 -0800 (PST)
Received: from mail.karamazov.org (h162-040-089-010.adsl.navix.net [162.40.89.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 12AF643E6E; Fri, 22 Nov 2002 09:17:52 -0800 (PST)
	(envelope-from smoberly@karamazov.org)
Received: from karamazov.org (mail.karamazov.org [10.0.0.11])
	by mail.karamazov.org (8.12.6/8.12.6) with SMTP id gAMHHHua076493;
	Fri, 22 Nov 2002 11:17:17 -0600 (CST)
	(envelope-from smoberly@karamazov.org)
From: "Scott A. Moberly" <smoberly@karamazov.org>
Received: from 65.221.169.187
        (SquirrelMail authenticated user smoberly)
        by mail.karamazov.org with HTTP;
        Fri, 22 Nov 2002 11:17:17 -0600 (CST)
Message-ID: <3476.65.221.169.187.1037985437.squirrel@mail.karamazov.org>
Date: Fri, 22 Nov 2002 11:17:17 -0600 (CST)
Subject: Re: SOUP
To: <marcus@marcuscom.com>
In-Reply-To: <1037984649.326.1.camel@gyros>
References: <44542.65.221.169.187.1037979346.squirrel@mail.karamazov.org>
        <1037984649.326.1.camel@gyros>
X-Priority: 3
Importance: Normal
Cc: <smoberly@karamazov.org>, <gnome@freebsd.org>,
	<freebsd-ports@freebsd.org>
X-Mailer: SquirrelMail (version 1.2.8)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-gnome@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-gnome.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-gnome>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-gnome>
X-Loop: FreeBSD.ORG

> On Fri, 2002-11-22 at 10:35, Scott A. Moberly wrote:
>> The SOAP library SOUP is now required throughout the gnome structure.
>> Given that gtkhtml requires it in the Makefile, but does not actually
>> require it.  Given the inherent security issues raised with SOAP.  I
>> was curious if it can be made optional.  It could even be in the
>> negative if you prefer; i.e.
>
> Maybe I've been out of it, but what security issues are we talking
> about?  Can you site references?
>
> Joe
>

My main complaint lies simply with arbitrary access to data without the
user (of the process) having direct control.  Scary if it moves into root
controlled processes.  Other issues involve firewall slipthrough.  Many
other reason's can be found...  google it with soap and security.

Scott A. Moberly
smoberly@karamazov.org



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-gnome" in the body of the message