Re: Documentation ...

["Rupert G. Goldie" <rgg@aaii.oz.au>]

> > Unfortunately, some of us are on the other side of a fire-wall.  This  
> > means *nothing* besides FTP, telnet, and mail gets in OR out.  This means  
> > I *can't* use WWW or Mosaic.
> 
> Hmm, I think you should take the Skullcleaver and go to talk
> to your company security people :). The stateful sessions like,
> telnet and ftp are much more bigger security risk, than stateless
> sessions like WWW or gopher.
>

No, actually. Until the recent version 2.3 Mosaic had an appalling security
hole. It was possible for someone to write a URL which would execute arbitrary
commands on your machine (and a firewall would not stop it) !
On the other hand we are behind a firewall and let WWW through, but it is a 
matter of weighing the risk/benefit. For some companies it may not be worth
the risk.

> Your company is lost incredible good information source if it
> does not let people go out to use WWW. (no talk to let anyone
> access in, just out).  
> 

It is useful, but don't assume that it isn't a security risk.


Rupert