Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : All About Sun Microsystems -- Ignore unavailable to you. Want to Upgrade?

To: JDN who wrote (31210)	4/22/2000 8:31:00 AM
From: rudedog	Read Replies (1) \| Respond to of 64865

JDN - I have done some digging on the "weeinie security hole" and have concluded that all of this talk about class action suits etc. is just silly. There was no "back door"... no secret password... only an old DLL, dvwssr.dll, which was a part of the Visual Interdev 1.0 code. Visual Interdev has not been shipped for nearly 3 years (it was replaced by FrontPage 98) but the DLL is included for backward compatibility. According to a guy who knows more about it than I do: "That file's only function is to support the Link View feature in the obsolete Visual Interdev 1.0. It lets people with web author permission run code on the web server. But that's a right a web author already had. The security glitch is if the web author permissions are set incorrectly or if dvwssr.dll is copied to the wrong folder, one with lower-level permissions. But no software can protect against an administrator who sets permissions incorrectly." In addition, there is no known instance of this "security flaw" causing a problem, and it is hard to imagine what problem it could cause. MSFT buying off the media? Give me a break - MSFT can't get the media to give them the time of day any more.