Re: Mime (Attachments) support in V2.1

[Wouter Cloetens <wo...@mind.be>]

sudhir@citadon.com wrote:
 
> What is the status of this?  Can we use this feature safely in "soon
> releasing" V2.1?

You sure can.
 
> Wouter, there is a comment in MimeTest.java about some major Security Hole.
> Is this still true?  Is this security hole specific to this example?  If
> not, what are the plans for fixing it?  Also, could you please create a
> README file in this directory (samples/mime) in line with other samples?

Well, the "getFile" example method takes a pathname as a parameter and
returns the corresponding file from the server's filesystem. That's
obviously dangerous, but it is an extremely useful sample. I had no
intent of fixing it. You just shouldn't deploy it except on a test
server...

bfn, Wouter