On Mon, 2004-12-06 at 23:38 -0800, David Wagner wrote: > This shows that visiting a link is a security-relevant operation that > probably should be controlled in some way. Actually, what it shows is that implicit sign-on is a really really dumb idea. -- Jonathan S. Shapiro <shap at eros-os.org>