Actually, I believe the following (from the provided link) is what is being referred to:
7.2 Cross-directory attacks Different authors sharing one host name, for example users hosting content on geocities.com, all share one local storage object. There is no feature to restrict the access by pathname. Authors on shared hosts are therefore recommended to avoid using these features, as it would be trivial for other authors to read the data and overwrite it. Even if a path-restriction feature was made available, the usual DOM scripting security model would make it trivial to bypass this protection and access the data from any path. On Tue, Jun 8, 2010 at 10:36 AM, Jerry Daniels <[email protected]> wrote: > Not so. No. > > Each developer has own space. If developer INVITES someone in...as a > teammate, then they share. > > Vampire rules. Need an invite to join another developer. > > Best, > > Jerry Daniels > > Follow the Rodeo discussion: > http://rodeoapps.com/rodeo-discuss-among-yourselves > > > > On Jun 8, 2010, at 11:19 AM, Robert Mann wrote: > >> For Rodéo apps, if each user shares a space on a common shared server, >> than >> all the local datas of user X are accessible to all different rodeo apps, >> So >> far I understood. Not reassuring! > > _______________________________________________ > use-revolution mailing list > [email protected] > Please visit this url to subscribe, unsubscribe and manage your subscription > preferences: > http://lists.runrev.com/mailman/listinfo/use-revolution > _______________________________________________ use-revolution mailing list [email protected] Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution
