[tahoe-dev] regarding the unsuccessful assaults on the fortress
Frederik Braun
Frederik.Braun+tahoe at ruhr-uni-bochum.de
Tue Aug 10 14:48:31 UTC 2010
Hi,
I've been hanging around on IRC for a while as "ChosenOne" and have thus
followed several discussions about possibly issues arising from
Cross-Site Scripting on a tahoe gateway. After reading a few tickets
(especially #615) and some e-mails by Zooko, I felt a little encouraged
to take a deeper look into this.
It appears to me that malicious JavaScript from the same origin as a
gateway cannot be used to affect integrity or privacy on tahoe.
All URIs appear to be unguessable making commands on a user's files
impossible. Also Cookies do not store crucial data, which further lowers
the effectiveness of XSS. All I can think of now would be some
aggressive mimicry where an uploaded document looks like a website of
the tahoe gateway and encourages the victim to leak private data by
using it. This evil document would contain the usual HTML form-elements
pointing to an attacker-controlled site.
Regards,
Frederik
More information about the tahoe-dev
mailing list