<!-- saved from url=(0014)about:internet --> vs

Discussion in 'HTML' started by G Doucet, Sep 10, 2006.

  1. G Doucet

    G Doucet Guest

    I know I haven't done any HTML since I upgraded to winXP last November - I previously had win98 - but I'm getting errors that I
    never had before.

    Please note that I am currently working on a small "quick-reference" web site for my work. I am creating it on my home computer,
    and then emailing the htm and image files to my work laptop. On occasion, I also email some files back to my home computer. Also
    note that I create my htm files using NotePad, and some of my files do have short javascript code.

    Anyway, one problem that has been bothering me is Internet Explorer's popup message which says something like this:

    ---------------
    To help protect your security, Internet Explorer has restricted this file from showing active content that could access your
    computer. Click here for options...
    ---------------

    Also, I noticed that some links were no longer working and that while viewing files on my own hard drive, I could see on the bottom
    right of the Internet Explorer window that it was treating some of my files as if they were risky - showing the red circle with the
    white bar.



    Well first, I found that when I email a file from my laptop to my home computer, it sets some kind of file attribute, and Internet
    Explorer will treat this as a risky file, unless I clear this attribute in the file's properties.

    Second, I found that when I email a file from my laptop to my home computer, it adds the comment text <!-- saved from
    url=(0022)http://internet.e-mail --> to the top of my html code and thus some links don't appear to work unless I remove this
    comment. BTW, is it my Outlook Express adding this, and if so, can I turn off this feature?

    Third, I found that my IE6 will show that popup message on local files (for some reason) but I also found that I could add the
    following to the top of my html file as a workaround <!-- saved from url=(0014)about:internet --> to apparently get Internet
    Explorer to think it's a file from the Internet?



    Now this workaround comment (as I call it) does get rid of that annoying popup, but it creates another problem for me. My anchors
    that are linked to images no longer work. For example:

    <a href="image.gif>motor gears</a>

    This used to work, but nothing happens when you click on the ablce link with <!-- saved from url=(0014)about:internet --> at the top
    of my file.

    Can someone help me with this new XP environment?
    G Doucet
    G Doucet, Sep 10, 2006
    #1
    1. Advertising

  2. G Doucet wrote:

    > Second, I found that when I email a file from my laptop to my home
    > computer, it adds the comment text <!-- saved from
    > url=(0022)http://internet.e-mail --> to the top of my html code and
    > thus some links don't appear to work unless I remove this comment.
    > BTW, is it my Outlook Express adding this, and if so, can I turn off
    > this feature?


    I think (awfully sure) that Outlook Express is the culprit. Last year I
    was assisting a newbie with writing html files. I would email a complete
    file as an attachment. When she would do a Save from her OE, that line
    would get added.

    We never found a way to make it stop doing that. Each file she saved,
    she then had to edit it with a text editor to remove that silly comment.

    Try setting yourself up with a modern email client instead of OE.
    Thunderbird should remove the problem.
    http://www.mozilla.com/thunderbird/

    --
    -bts
    -Motorcycles defy gravity; cars just suck.
    Beauregard T. Shagnasty, Sep 10, 2006
    #2
    1. Advertising

  3. G Doucet

    John Hosking Guest

    G Doucet wrote:

    > Well first, I found that when I email a file from my laptop to my home computer, it sets some kind of file attribute, and Internet
    > Explorer will treat this as a risky file, unless I clear this attribute in the file's properties.
    >
    > Second, I found that when I email a file from my laptop to my home computer, it adds the comment text <!-- saved from
    > url=(0022)http://internet.e-mail --> to the top of my html code and thus some links don't appear to work unless I remove this
    > comment. BTW, is it my Outlook Express adding this, and if so, can I turn off this feature?
    >

    Well, I don't know how you're doing the mailing now, but I would think
    that if you took all the files (HTML, images, CSS, etc.) and zipped them
    into one .zip file, and e-mailed yourself _that_, you wouldn't have any
    problems with OE or anything else meddling in your files.

    --
    HTH,
    John
    John Hosking, Sep 10, 2006
    #3
  4. G Doucet <> scripsit:

    >- - I am currently working on a small "quick-reference"
    > web site for my work. I am creating it on my home computer, and then
    > emailing the htm and image files to my work laptop.


    Others have suggested that you use email software other than Outlook Express
    or send the files as zipped (which is easy when using Windows XP, since it
    has built-in support to zipping). I guess either of those approaches is
    sufficient for the problem you describe here and in your Subject: header,
    but there's a little more.

    > Also, I noticed that some links were no longer working and that while
    > viewing files on my own hard drive, I could see on the bottom right
    > of the Internet Explorer window that it was treating some of my files
    > as if they were risky - showing the red circle with the white bar.


    As far as I can see, the problem is that IE treats such a local file as
    belonging to "risk zone" - even though if you view the Internet settings,
    they probably show the risk zone as empty. This is tough for developers, but
    it's meant to protect users who might have copies of www pages on their disk
    without knowing about the problems. (Changing the properties of the risk
    zone might not be a good idea, since some day you might really want to put
    some sites into the risk zone.)

    Thus, to test pages containing JavaScript code, it is best to test them
    after uploading them onto a www server (though before announcing them or
    linking to them). Naturally you can and normally should test everything else
    locally. That way you will automatically test that the page works _somehow_
    when JavaScript is disabled, too.

    > Well first, I found that when I email a file from my laptop to my
    > home computer, it sets some kind of file attribute, and Internet
    > Explorer will treat this as a risky file, unless I clear this
    > attribute in the file's properties.


    Well spotted.

    > Second, I found that when I email a file from my laptop to my home
    > computer, it adds the comment text <!-- saved from
    > url=(0022)http://internet.e-mail --> to the top of my html code and
    > thus some links don't appear to work unless I remove this comment.


    That sounds strange. Which kinds of links don't work? Are you referring just
    to links to images as described later?

    Anyway, that comment is harmful as such, since _anything_ before the
    <!DOCTYPE> declaration throws IE into "quirks mode" (i.e., intentionally
    broken mode of operation where IE 6+ simulates errors of older versions of
    the browser).

    > BTW, is it my Outlook Express adding this, and if so, can I turn off
    > this feature?


    It's certainly OE _on saving_ the file. The email message that you send with
    IE does not contain such a string. OE adds it when saving the file (and even
    if you just click on the attachment icon to open it in a browser).

    > Third, I found that my IE6 will show that popup message on local
    > files (for some reason) but I also found that I could add the
    > following to the top of my html file as a workaround <!-- saved
    > from url=(0014)about:internet --> to apparently get Internet Explorer
    > to think it's a file from the Internet?


    That's quite astonishing. Apparently IE treats local files as being in the
    risk zone _unless_ they have that magic comment _and_ have the "risky file
    from the Internet" flag cleared. I might see some strange logic behind this,
    which probably means I'm getting mad and they are going to take me away...

    The way I see is that IE actually _prevents_ JavaScript execution in this
    case, or makes dependent on the user's permission, depending on the security
    settings for the risk zone.

    > Now this workaround comment (as I call it) does get rid of that
    > annoying popup, but it creates another problem for me. My anchors
    > that are linked to images no longer work. For example:
    > <a href="image.gif>motor gears</a>


    I was able to reproduce the problem but then I got very confused: removing
    the comment did not change the situation, and for a copy of the file things
    were different. I should probably start testing from scratch (with a file
    that just created locally) - but I think I've seen enough and will just
    avoid using OE to receive HTML attachments.

    --
    Jukka K. Korpela ("Yucca")
    http://www.cs.tut.fi/~jkorpela/
    Jukka K. Korpela, Sep 10, 2006
    #4
  5. G Doucet

    G Doucet Guest

    I guess I'm ok as far as sending files between the two computers, I was just wondering how and why my html files were being modified
    in the process.

    Also, the html files that I am writing will not be used on a web server. They will just be on my laptop's hard drive.

    But being local files, Internet Explorer keeps showing a popup message on the html files which contain javascripts. This is really
    annoying.

    While searching the Internet about this, I found that by adding <!-- saved from url=(0014)about:internet --> at the top of my html
    file, the popups go away. BTW, does anyone else use this?

    But now my links to images don't work. Here's an example: I placed a test.htm file and image.gif file on my desktop. Test.htm is
    like this:

    <HTML>
    <BODY>
    <A href="image.gif" target="_blank">test</A>
    </BODY>
    </HTML>

    And like this, the link works. But if I add that so called workaround comment, the link doesn't work. Example:

    <!-- saved from url=(0014)about:internet -->
    <HTML>
    <BODY>
    <A href="image.gif" target="_blank">test</A>
    </BODY>
    </HTML>

    Any ideas why?
    PS. My links to htm files are ok.
    G Doucet
    G Doucet, Sep 10, 2006
    #5
  6. G Doucet

    Dan Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    G Doucet wrote:
    > But being local files, Internet Explorer keeps showing a popup message on the html files which contain javascripts. This is really
    > annoying.


    What does a *decent* browser, like Mozilla Firefox, do?

    --
    Dan
    Dan, Sep 10, 2006
    #6
  7. G Doucet <> scripsit:

    > I guess I'm ok as far as sending files between the two computers,


    Are you responding to something? It is normal practice on Usenet to quote or
    paraphrase what you are commenting on. It's now impossible to see whether
    you understood the previous messages that suggested working ways to overcome
    the problem.

    --
    Jukka K. Korpela ("Yucca")
    http://www.cs.tut.fi/~jkorpela/
    Jukka K. Korpela, Sep 10, 2006
    #7
  8. G Doucet

    Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    G Doucet wrote:

    > Third, I found that my IE6 will show that popup message on
    > local files (for some reason) but I also found that I could add
    > the following to the top of my html file as a workaround
    > <!-- saved from url=(0014)about:internet --> to apparently
    > get Internet Explorer to think it's a file from the Internet?


    This is the poorly known and generally misunderstood "Mark Of The Web",
    or MOTW. It adjusts the operation of the "Local Machine Lockdown"
    feature that was added in Windows XP SP2.

    Quoting from elsewhere: "The role of the MOTW is more prominent with
    IE6 for Windows XP SP2 because of increased security restrictions in
    the Local Machine zone. When you are developing Web content, the MOTW
    enables you to test your active HTML documents in the security zone
    where you intend the pages to run, instead of in the increased security
    restrictions of the Local Machine zone."

    In short, with IE6 on XP SP2, local files are subjected, by default, to
    *more* security restrictions (not *less*) that remote files. By adding
    the MOTW, you tell IE6 to treat those files like remote files when
    deciding what restrictions to apply to them.

    HTH
    TC (MVP MSAccess)
    http://tc2.atspace.com
    , Sep 12, 2006
    #8
  9. G Doucet

    TC Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    (reposted with corrected Author)


    G Doucet wrote:
    > Third, I found that my IE6 will show that popup message on
    > local files (for some reason) but I also found that I could add
    > the following to the top of my html file as a workaround
    > <!-- saved from url=(0014)about:internet --> to apparently
    > get Internet Explorer to think it's a file from the Internet?



    This is the poorly known and generally misunderstood "Mark Of The Web",
    or MOTW. It adjusts the operation of the "Local Machine Lockdown"
    feature that was added in Windows XP SP2.

    Quoting from elsewhere: "The role of the MOTW is more prominent with
    IE6 for Windows XP SP2 because of increased security restrictions in
    the Local Machine zone. When you are developing Web content, the MOTW
    enables you to test your active HTML documents in the security zone
    where you intend the pages to run, instead of in the increased security
    restrictions of the Local Machine zone."


    In short, with IE6 on XP SP2, local files are subjected, by default, to
    *more* security restrictions (not *less*) that remote files. By adding
    the MOTW, you tell IE6 to treat those files like remote files when
    deciding what restrictions to apply to them.


    HTH
    TC (MVP MSAccess)
    http://tc2.atspace.com
    TC, Sep 12, 2006
    #9
  10. G Doucet

    Andy Dingley Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    TC wrote:



    > This is the poorly known and generally misunderstood "Mark Of The Web",
    > or MOTW. It adjusts the operation of the "Local Machine Lockdown"
    > feature that was added in Windows XP SP2.


    Hang on - have I got this right?

    Suppose I'm an 3v1l h4xx0r d00d, out to perform evil upon your IE
    browser. I manage to deploy my nasty payload to your machine, but IE
    saves you because the local filesystem is now seen as untrustworthy
    (I'll let the stupidity of this approach pass for a moment).

    Now I'm thwarted and my evil doings are as naught. But if I add the
    mystical incantation <!-- saved from url=(0014)about:internet --> to my
    payload files, they'll start being powerfully evil again ?

    Excuse me if I'm somewhat underwhelmed by this particular bit of
    Security Theatre....
    Andy Dingley, Sep 12, 2006
    #10
  11. G Doucet

    TC Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    Andy Dingley wrote:
    > TC wrote:
    > > This is the poorly known and generally misunderstood "Mark Of The Web",
    > > or MOTW. It adjusts the operation of the "Local Machine Lockdown"
    > > feature that was added in Windows XP SP2.

    >
    > Hang on - have I got this right?
    >
    > Suppose I'm an 3v1l h4xx0r d00d, out to perform evil upon your IE
    > browser. I manage to deploy my nasty payload to your machine, but IE
    > saves you because the local filesystem is now seen as untrustworthy
    > (I'll let the stupidity of this approach pass for a moment).
    >
    > Now I'm thwarted and my evil doings are as naught. But if I add the
    > mystical incantation <!-- saved from url=(0014)about:internet --> to my
    > payload files, they'll start being powerfully evil again ?
    >
    > Excuse me if I'm somewhat underwhelmed by this particular bit of
    > Security Theatre....


    1. The change increases the default security of the Local Zone. I think
    that's a good idea.

    2. It is not a "mystical incantation". It is clearly documented in
    MSDN:
    http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/overview/motw.asp

    3. It faciliates local testing of pages that will eventually be run
    from other security zones (Internet, Restricted, Trusted, etc.).

    TC (MVP MSAccess)
    http://tc2.atspace.com
    TC, Sep 12, 2006
    #11
  12. G Doucet

    Andy Dingley Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    TC wrote:

    > 1. The change increases the default security of the Local Zone. I think
    > that's a good idea.


    You get to write to my filesystem, I'm 0wned already. Let's concentrate
    on not having the first Bad Thing happen in the first place.


    > 2. It is not a "mystical incantation". It is clearly documented in
    > MSDN:


    That's the point. Here's a security measure that's well-intentioned, if
    somewhat weak. Then they've publically written down how to make a key
    to unlock it.
    Andy Dingley, Sep 12, 2006
    #12
  13. G Doucet

    TC Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    Andy Dingley wrote:
    > TC wrote:
    >
    > > 1. The change increases the default security of the Local Zone. I think
    > > that's a good idea.

    >
    > You get to write to my filesystem, I'm 0wned already.


    No, that depends on what I can write, and where I can write it. I can't
    own your PC by writing text files to the TEMP directory.

    MOTW relates specifically to content written by browsers (possibly
    running under restricted accounts) to the places that browsers can
    actually write to. That is the context in which to discuss it. *All*
    security mechanisms become irrelevant if the attacker can write
    anything to anywhere.


    > > 2. It is not a "mystical incantation". It is clearly documented in MSDN:

    >
    > That's the point. Here's a security measure that's well-intentioned, if
    > somewhat weak. Then they've publically written down how to make a key
    > to unlock it.


    Unlock what?

    Go to groups.google.com. View the first few lines of the source
    (without saving it). Now File : SaveAs the page, and look at the saved
    source. You'll see that *IE itself* has added the MOTW. Run the saved
    file locally - all is good. Now remove the MOTW, and run it again -
    you'll get the active content warning.

    Adding the MOTW has not "unlocked" anything. It has not let the page do
    anything that it couldn't do before. It has not magically elevated the
    page above the Internet Zone permissions.

    TC (MVP MSAccess)
    http://tc2.atspace.com
    TC, Sep 12, 2006
    #13
  14. G Doucet

    G Doucet Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    TC wrote:
    >
    > Andy Dingley wrote:
    >> TC wrote:
    >>
    >> > 1. The change increases the default security of the Local Zone. I think
    >> > that's a good idea.

    >>
    >> You get to write to my filesystem, I'm 0wned already.

    >
    > No, that depends on what I can write, and where I can write it. I can't
    > own your PC by writing text files to the TEMP directory.
    >
    > MOTW relates specifically to content written by browsers (possibly
    > running under restricted accounts) to the places that browsers can
    > actually write to. That is the context in which to discuss it. *All*
    > security mechanisms become irrelevant if the attacker can write
    > anything to anywhere.
    >
    >
    >> > 2. It is not a "mystical incantation". It is clearly documented in MSDN:

    >>
    >> That's the point. Here's a security measure that's well-intentioned, if
    >> somewhat weak. Then they've publically written down how to make a key
    >> to unlock it.

    >
    > Unlock what?
    >
    > Go to groups.google.com. View the first few lines of the source
    > (without saving it). Now File : SaveAs the page, and look at the saved
    > source. You'll see that *IE itself* has added the MOTW. Run the saved
    > file locally - all is good. Now remove the MOTW, and run it again -
    > you'll get the active content warning.
    >
    > Adding the MOTW has not "unlocked" anything. It has not let the page do
    > anything that it couldn't do before. It has not magically elevated the
    > page above the Internet Zone permissions.
    >
    > TC (MVP MSAccess)
    > http://tc2.atspace.com
    >


    The Mark Of The Web must be generally misunderstood because I am at a loss.

    It is written here http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/overview/motw.asp that to mitigate the
    security risk of attackers trying to exploit the Local Machine zone and its looser restrictions to access my computer, Internet
    Explorer 6 for Windows XP SP2 "locks down" the Local Machine zone.


    So I'm guessing that prior to Internet Explorer 6 for Windows XP SP2, the local zone was like a free for all, and that now with
    Internet Explorer 6 for Windows XP SP2, the local zone is lock down. It must be because now I get prompted when I open one of my
    own HTML files on my D: drive just because it has two lines of simple javascript!?

    It is also written that the Mark of the Web (MOTW) is a feature of Microsoft Internet Explorer that enhances security by enabling
    Internet Explorer to force Web pages to run in the security zone of the location the page was saved from as long as that security
    zone is more restrictive than the Local Machine zone.

    I don't know what that means "the location the page was saved from", because I created my own HTML files from scratch using notepad,
    and I didn't save them from anywhere!?

    It is also written there that by referencing the MOTW, Internet Explorer can force web pages into a zone that has more restrictions,
    such as the Internet zone. At the same time, the MOTW cannot be used to elevate Web pages to a zone with fewer restrictions.

    Well first they say that the local zone is locked down and now they say that the MOTW can't raise IE to a less restricitve zone.
    It's not making sense. :p

    Help.
    G Doucet
    G Doucet, Sep 12, 2006
    #14
  15. "Jukka K. Korpela" <> writes:

    > Anyway, that comment is harmful as such, since _anything_ before the
    > <!DOCTYPE> declaration throws IE into "quirks mode"


    <http://bednarz.nl/+/sgml/doctype/exploder/cc>

    (this would actually be useful if the version vector was set to 7, but
    in that case less verbosity is required to make a difference

    <http://bednarz.nl/+/sgml/doctype/exploder/pi>

    :)


    --
    ||| hexadecimal EBB
    o-o decimal 3771
    --oOo--( )--oOo-- octal 7273
    205 goodbye binary 111010111011
    Eric B. Bednarz, Sep 13, 2006
    #15
  16. G Doucet

    Andy Dingley Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    TC wrote:

    > You'll see that *IE itself* has added the MOTW.


    Agreed.

    Now what's to stop the 3v1l h4xx0r adding that mark themselves, before
    writing the page ?

    This is annotation that says "Trust this page, it's OK really", but
    it's also trivial to forge it.


    If they _really_ needed a "MotW", then it should have used a
    secure(sic) PK implementation and been made unforgeable.
    Andy Dingley, Sep 13, 2006
    #16
  17. G Doucet

    TC Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    G Doucet wrote:

    > The Mark Of The Web must be generally misunderstood because I am at a loss.


    Hi, G :)

    I'm at the end of a long day, so I may need to postpone answering you
    until tomorrow (Thursday, where I live).

    Cheers,
    TC (MVP MSAccess)
    http://tc2.atspace.com
    TC, Sep 13, 2006
    #17
  18. G Doucet

    TC Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    Andy Dingley wrote:
    > TC wrote:
    >
    > > You'll see that *IE itself* has added the MOTW.

    >
    > Agreed.
    >
    > Now what's to stop the 3v1l h4xx0r adding that mark themselves, before writing the page ?


    Nothing. But you still need to focus on who is creating the file & how
    they are creating it.

    o If the file is being created through the normal operation of IE,
    then, including the MOTW does not /elevate/ the page's priviliges (ie.
    it does not make them /higher/ than they were before). It stops IE
    /degrading/ the pages priviliges (ie. making them /lower/ than they
    were before). So the hacker is wecome to add the MOTW to their pages as
    much as he likes. This does not gain him anything that he did not have
    before. Indeed, as I have shown, IE will actually add the mark for him!

    o If the file is being created by someone who has somehow obtained
    unauthorized access to the local filesystem, then, all bets are off,
    and the MOTW is irrelevant.

    > This is annotation that says "Trust this page, it's OK really", but it's also trivial to forge it.


    No - that's not what it says. The MOTW says, "Dear IE, please run this
    page under the security restrictions applicable to the Zone (Internet,
    Trusted, or Restricted) that is applicable to the URL in the MOTW."

    The only way that this would be a problem, is if a page from a website
    in the Internet Zone, could include an MOTW that asked for that page to
    be run in the Trusted Zone - thus illegally elevating the priviliges of
    that page.

    I haven't tested that case myself, but, I'm absolutely confident that
    MS know what they are doing with this, and therefore, that it would
    *not* serve to elevate the untrusted page's security zone. But I will
    test this in due course.

    In summary, you shouldn't assume that the MS folks who desiged this
    feature, are total idiots, and have overlooked something as simple as
    the hacker adding his own MOTW. They've made various security bloopers
    over the years - but they aren't total idiots. You can't seriously
    believe that there are folks in MS thinking: "D'oh!! We forgot that the
    hacker could add an MOTW himself!!"

    TC (MVP MSAccess)
    http://tc2.atspace.com
    TC, Sep 13, 2006
    #18
  19. G Doucet

    TC Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    TC wrote:

    > I haven't tested that case myself, but, I'm absolutely confident that
    > MS know what they are doing with this, and therefore, that it would
    > *not* serve to elevate the untrusted page's security zone. But I will
    > test this in due course.


    Here's what I'm guessing:

    o A page author can *not* use an MOTW in such a way as to illegally
    elevate the priviliges of that page *when the page is run from the
    relevant site on the web*. IE will prevent this somehow. (Perhaps it
    will delete the illegal MOTW, or put the various MOTWs in some
    particular order in the file, or whatever.)

    But:

    o A person with access to the local filesystem can add an MOTW to a
    page, so when that page is run *from disk*, it will have higher
    priviliges that it had when it was run from the web. *But*, that's not
    a break, because a person with access to the local filesystem can break
    the system in arbitrary other ways, independent of the presence or
    absence of MOTWs.

    I'll see if testing confirms all this. But not now, as I am off for a
    meal.

    TC (MVP MSAccess)
    http://tc2.atspace.com
    TC, Sep 13, 2006
    #19
  20. G Doucet

    TC Guest

    Re: <!-- saved from url=(0014)about:internet --> vs

    TC wrote:
    > TC wrote:
    >
    > > I haven't tested that case myself, but, I'm absolutely confident that
    > > MS know what they are doing with this, and therefore, that it would
    > > *not* serve to elevate the untrusted page's security zone. But I will
    > > test this in due course.



    Back from dinner.

    Here's my final guess, prior to actually testing it: IE will *ignore*
    all MOTWs in pages that are run from the web (as opposed to pages that
    are run from the local filesystem).

    This, if true, would prove my contention that you can not use MOTW to
    illegally elevate your page permissions - unless you have access to the
    local filesystem (and can alter the filesystem copy of the page *and*
    get the user to run it from there - in which case, the system is owned
    regardless).

    I'll test this tomorrow. But that's my bet on how it will work.

    TC (MVP MSAccess)
    http://tc2.atspace.com
    TC, Sep 13, 2006
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jon paugh
    Replies:
    1
    Views:
    684
  2. Simon
    Replies:
    3
    Views:
    4,246
    Joerg Jooss
    Jan 15, 2005
  3. cmay
    Replies:
    0
    Views:
    1,113
  4. G Doucet
    Replies:
    0
    Views:
    1,333
    G Doucet
    Oct 2, 2006
  5. Just D.
    Replies:
    0
    Views:
    402
    Just D.
    Aug 11, 2004
Loading...

Share This Page