Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Simple solution (Score 1) 355

by zcv (#30082198) Attached to: Flash Vulnerability Found, Adobe Says No Fix Forthcoming

Seems like the simple solution is to serve all non-trusted content from a separate hostname. For example, serve avatars or uploaded files from usercontent.example.com.

As far as I can tell this would stop the attack nicely. The malicious SWF would execute in the context of a domain you don't care about.

My computer can beat up your computer. - Karl Lehenbauer