Skip to content
This repository has been archived by the owner on Oct 2, 2019. It is now read-only.

Clarify "break out of the package" #4

Closed
marcoscaceres opened this issue Apr 22, 2013 · 1 comment
Closed

Clarify "break out of the package" #4

marcoscaceres opened this issue Apr 22, 2013 · 1 comment
Assignees
@marcoscaceres
Milestone
First Public Work...

Comments

@marcoscaceres
Copy link
Contributor

Giridhar wrote:

I would recommend under the Security Considerations section that the text be modified to be "The user agent needs to make sure that a symbolic link (or similar) inside a package does not break out of the package and end up pointing to a physical file on the end-users device." I also don't believe everyone has a common understanding of what "break out of the package" means in this context, so it would be good to clarify this phrase.
@marcoscaceres
Copy link
Contributor Author

work in progress...

@ghost ghost assigned marcoscaceres May 3, 2013
marcoscaceres pushed a commit to marcoscaceres/app-uri that referenced this issue May 7, 2013
Reworded text about breaking out of the package (closes sysapps#4)
870e9f1
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@marcoscaceres marcoscaceres

Labels
None yet
Projects
None yet
Milestone
First Public Working Draft
Development

No branches or pull requests
1 participant
@marcoscaceres