First off.. There is a security hole older versions of Jetspeed. It is fixed in the current version within CVS. If you were to request a portlet with the URL of file:///etc/passwd it would serve it up. This was been removed. I would disable or upgrade any running versions of Jetspeed. This has been shut down on my home machine. Also, we are going live with this version as 1.0 tonight. Kevin -- Kevin A Burton ([EMAIL PROTECTED]) http://relativity.yi.org Message to SUN: "Open Source Java!" "For evil to win is for good men to do nothing." -- -------------------------------------------------------------- Please read the FAQ! <http://java.apache.org/faq/> To subscribe: [EMAIL PROTECTED] To unsubscribe: [EMAIL PROTECTED] Archives and Other: <http://java.apache.org/main/mail.html> Problems?: [EMAIL PROTECTED]
