Proof that no application is without (at least the occasional) security flaw, Opera might have an issue, as reported in the latest SecurityFocus Linux newsletter:
1. Opera Web Browser IFRAME Zone Restriction Bypass Vulnerability
BugTraq ID: 8887
Remote: Yes
Date Published: Oct 24 2003
Relevant URL: http://www.securityfocus.com/bid/8887
Summary: Opera is a web browser available for a number of platforms, including Microsoft Windows, Linux and Unix variants and Apple MacOS.
A flaw in the Opera web browser's security model has been discovered that could allow an attacker to access a user's file system within the Local Zone. The problem occurs when handling malformed HTML iframes which point to local system locations. Exploitation of this vulnerability could result in the exposure of sensitive data or could potentially lead to the corruption of system critical files. Symantec has confirmed that the proof of concept provided by the researcher effectively gains open access to the local file system, however it has not been confirmed whether the local files may be modified.
It should be noted that due to the nature of this vulnerability it may theoretically be possible to leverage the condition to execute arbitrary code. However, Symantec is currently unaware if a method exists under which Opera can be influenced to carry out this type of operation.
This vulnerability is believed to affect the latest release of Opera as well as prior releases.
**UPDATE: The vendor has contacted Symantec and has stated that this is not a vulnerability. Symantec has not been able to reproduce the claims made by the individual who reported this issue. This record is being retired, though it may be re-activated if further findings confirm existence of the vulnerability.
That part about possibly "executing arbitrary code" is noteworthy. This is one area where operating systems like Linux and BSD (and OS X) differ from Windows. If this latest hole exists, and if the attacker can leverage it to execute code, the worst that could happen is that it would execute code as the user which started the application. It could delete my files, for instance. But it couldn't start/stop services, reboot the machine, access other user accounts, etc. Because I'm just a user, not the root user. I can't execute any bit of code I choose. Put another way, there are some programs that I cannot run, unless I log in as the root user, or I run a special command first (and give it a password). This keeps me safe. This is also why Linux distributions like Lindows are woefully insecure. There are just some Windows "features" which need not be emulated. Getting rooted by viewing web pages as a non-privileged user is one of them.
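A quick way to check the point above on a given machine, written as an added example rather than anything from the newsletter or from Opera: the function below flags browser processes whose effective UID is 0. The browser name list and the sample process table are constructed for illustration, and the live `ps` format string assumes Linux procps.

```shell
#!/bin/sh
# Added example: find web browsers running with effective UID 0, the case
# in which a browser flaw stops being a "my files" problem and becomes a
# whole-system problem.

# Assumed list of browser command names; extend for your environment.
BROWSERS='opera|firefox|mozilla|konqueror|chromium|chrome'

# Reads "EUID USER PID COMMAND" lines on stdin and prints every browser
# process whose effective UID is 0.
flag_root_browsers() {
    awk -v pat="^(${BROWSERS})(-bin)?\$" '
        $1 == 0 && tolower($4) ~ pat {
            printf "%s pid=%s user=%s\n", $4, $3, $2
        }
    '
}

# Constructed sample process table (not real output).
sample_ps() {
    cat <<'EOF'
1000 alice 2190 opera
0 root 2231 opera
0 root 1 init
0 root 412 sshd
1001 bob 2302 firefox-bin
EOF
}

# Audit the live system (assumes Linux procps column names).
audit_live() {
    ps -eo euid=,user=,pid=,comm= | flag_root_browsers
}

# Demonstration on the constructed sample.
sample_ps | flag_root_browsers
```

On a real host, call `audit_live` instead; any line it prints is a browser whose compromise would hand over root.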
Anyway, because I value my files, I'll be watching this one carefully.
BTW, this isn't the same bug as described in the latest @stake Opera advisory. That one was fixed in version 7.2. (Although you wouldn't have been able to guess the severity of the situation from their rather understated changelog message: "Fixed a crash caused by illegally escaped server name". I'd have liked something a little more descriptively sinister.)