Date: Fri, 20 Feb 2004 23:23:25 -0600 From: "Shawn Mitchell" <shawnm@iodamedia.net> To: "Freebsd-Isp" <freebsd-isp@freebsd.org>, "alan" <amd@headru.sh> Subject: RE: Apache and home directories (file browser). Message-ID: <HJEELFHCPNPOPDIOMAKBAELADIAA.shawnm@iodamedia.net> In-Reply-To: <20040220201258.GA7902@localhost.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
It's just like any programming language. If you don't dot all of your i's and cross your 't's, then your open for something here and there. I'm not saying php-Nuke is bad, just that it's complicated enough, that chances are something's not double check here and there. Like any and ALL programming languages, YOU SHOULD NEVER TRUST YOUR INPUT. Check it, double check it, reverse it, check it again, and still don't trust it. my $0.02's worth (or $0.002 in England now) -----Original Message----- From: owner-freebsd-isp@freebsd.org [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of alan Sent: Friday, February 20, 2004 2:13 PM To: freebsd-isp@freebsd.org Subject: Re: Apache and home directories (file browser). Please be aware that allowing uploads through php is quite insecure. A lot of php-Nuke hacks have been accomplished that way. google for security info on uploads through php. alan _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?HJEELFHCPNPOPDIOMAKBAELADIAA.shawnm>