[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-isp
Subject:    RE: Apache and home directories (file browser).
From:       "Shawn Mitchell" <shawnm () iodamedia ! net>
Date:       2004-02-21 5:23:25
Message-ID: HJEELFHCPNPOPDIOMAKBAELADIAA.shawnm () iodamedia ! net
[Download RAW message or body]

It's just like any programming language.  If you don't dot all of your i's
and cross your 't's, then your open for something here and there.

I'm not saying php-Nuke is bad, just that it's complicated enough, that
chances are something's not double check here and there.

Like any and ALL programming languages, YOU SHOULD NEVER TRUST YOUR INPUT.
Check it, double check it, reverse it, check it again, and still don't trust
it.

my $0.02's worth (or $0.002 in England now)

-----Original Message-----
From: owner-freebsd-isp@freebsd.org
[mailto:owner-freebsd-isp@freebsd.org]On Behalf Of alan
Sent: Friday, February 20, 2004 2:13 PM
To: freebsd-isp@freebsd.org
Subject: Re: Apache and home directories (file browser).


Please be aware that allowing uploads through php is quite insecure. A
lot of php-Nuke hacks have been accomplished that way. google for
security info on uploads through php.

alan
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
[prev in list] [next in list] [prev in thread] [next in thread]