Home > Google, Java, Security > How hosting foreign files risks your users security

How hosting foreign files risks your users security

I found this interesting post about a security hole in Google Code. Its quite complex, though the post is written very well, so you’ll be able to get the point easily.

Basic idea is that thanks to some tricks you can get a Java file thats uploaded to Google Code to start from everywhere and have access to the whole google domain. So if you’re a Google user and you are logged in this java applet is logged in as well.

Google was able to disable this unwanted functionality, but I’m pretty sure that if you search for other websites with those problems you’ll find em out there.

About these ads
  1. 08.04.2008 at 11:02 am | #1

    Thats what you get when you play with the devil!
    :-)
    G/

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: