User talk:Linus/vulnerabilities

Explain, I am not seeing how any code would be executed. 22:17, 20 September 2008 (EDT)
 * Essentially, it's an XSS attack. The sndVote function can be closed, and a new one begun, allowing malicious code to be executed. Also, the IP address field can be easily spoofed. --λινυσ (☮) 22:24, 20 September 2008 (EDT)
 * Jeeves pointed out the spoofing of the IP address after it first came out; that got resolved by not using the "get" IP function that is sent, but rather the PHP script gets it server side. I just didn't update the code to not bother to send the IP address. I am fairly certain that it would be very difficult to get error-free code using this method, but I suppose it might be possible. So we will just make it so that it is impossible to write valid JavaScript code as an argument. 22:32, 20 September 2008 (EDT)
 * I have no idea what you guys are saying. I assume it is some sort of nerdspeak—Klingon, perhaps?   00:42, 21 September 2008 (EDT)
 * I would be more than happy to explain it all to you...in detail....if you really want. 00:44, 21 September 2008 (EDT)
 * Could you summarize it in layperson's terms, oh great guru at the top of the wiki?  00:53, 21 September 2008 (EDT)
 * The new WIGO voting extension works using a programming language called JavaScript. JavaScript can do all kinds of fancy things, like in this case handle all the exchanges about who is voting, how, for what, and updating the vote totals, all without having to reload the page. To handle all this the vote extension runs a JavaScript function, which is a chunk of code. It is possible to write JavaScript functions that do really nasty things. The JavaScript function that I used sends information based on the parameters you put in to the vote extension, such as the "poll=" value. Linus noticed that you could make the name for the poll into JavaScript code. This might allow someone to code a nasty program so when you click "vote" it runs their JavaScript.
 * So to close up this security hole I added a few lines of code that strip out certain characters that are required to write JavaScript but will probably never be used by regular users. Easy enough? 00:58, 21 September 2008 (EDT)
 * Yes. Thank you.  I really do appreciate it when you explain things for me.   01:06, 21 September 2008 (EDT)
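
Added example, not the extension's own code (which this page does not show): a sketch of the issue discussed above, assuming the poll name was pasted into an inline `sndVote('...')` click handler. Only `sndVote` comes from the thread; the markup, helper names and allowed character set are assumptions. It goes one step beyond the thread by also showing a variant that passes the poll name as data instead of as code.

```javascript
// HTML-escape a value before placing it inside a double-quoted attribute.
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => ({
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
}[c]));

// Before (assumed shape): the poll name becomes part of the handler's source,
// so a quote in the name ends the string and the rest is parsed as code.
function unsafeVoteLink(poll) {
  return `<a href="#" onclick="sndVote('${poll}')">vote</a>`;
}

// Fix in the spirit of the thread: drop characters needed to write JavaScript.
// Written as an allowlist; the exact character set here is an assumption.
function stripPollName(poll) {
  return poll.replace(/[^A-Za-z0-9 _.-]/g, "");
}

// Variant: the poll name travels in a data attribute and the handler source
// is a constant, so no poll name can change what code runs.
function safeVoteLink(poll) {
  return `<a href="#" data-poll="${escapeHtml(poll)}" ` +
         `onclick="sndVote(this.dataset.poll)">vote</a>`;
}

// Return the text a browser would compile as the click handler.
function handlerSource(html) {
  const m = html.match(/onclick="([^"]*)"/);
  return m ? m[1] : null;
}

// Constructed sample: a poll name that closes the call and starts another
// statement. otherCall is a harmless hypothetical function name.
const sample = "x'); otherCall(); ('";

console.log(handlerSource(unsafeVoteLink(sample)));
console.log(handlerSource(unsafeVoteLink(stripPollName(sample))));
console.log(handlerSource(safeVoteLink(sample)));
```

With the constructed sample, the first line printed contains a second statement after `sndVote('x')`, while the other two contain a single `sndVote` call.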