OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
RE: [xml-dev] The <any/> element: bane of security or savior ofversioning?

On Fri, 2007-10-19 at 17:08 +0100, Michael Kay wrote:
> > > When Any occurs in xml documents that are ran through process X the 
> > > system crashes.
> Well, clearly you should either fix the bug in the application or put a
> fence around it to protect it from data it can't handle. 

Doesn't this assume open source or system configurability?  

Or, to put it another way, when people don't have access to the source
or when they are required to use canned COTS installations out of their
control, almost any feature badly implemented can be labelled a risk. So
what people are identifying is not a risk of XML but a risk of some
applications they have seen. 

Rick Jelliffe 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS