LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

The current development kernel is...linux-next?

Notes on the Viacom ruling

LWN.net Weekly Edition for July 3, 2008

More DTrace envy

LWN.net Weekly Edition for June 26, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Removing an edge

Removing an edge

Posted Mar 24, 2005 18:37 UTC (Thu) by pm101 (subscriber, #3011)
Parent article: GreaseMonkey: a two-edged sword

I think the problem is fixable. The trick would be to install scripts with appropriate permissions. One that can modify slashdot.org should only be allowed to modify pages on slashdot.org, and not on paypal.com or bankofamerica.com. You risk having a slashdot account stolen, but not much more. Secure sites remain secure.

Skimming the web page, it looks like it already has that functionality in place, although it's not clear from the documentation whether it is secure-by-default or insecure-by-default.

(Log in to post comments)

Removing an edge

Posted Mar 31, 2005 9:37 UTC (Thu) by alextingle (subscriber, #20593) [Link]

Or just disable it completely for https:// pages.

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.