Re: write with cURL
- From: Tim Greer <tim@xxxxxxxxxxxxx>
- Date: Fri, 27 Feb 2009 12:12:37 -0800
Tim Greer wrote:
Jerry Stuckle wrote:
...
an account on my server. Plus, in order to do it,...
I'd have to set up an entire website for you, etc. I'm not about to
do it.
Now if you were a paying client, I would do so.
You can email me - my (munged) address is in my sig....
As I said - you've got my email address. Now show me how to do it....
My (munged) email address is in the sig of every post. The fact you...
are making excuses and didn't send me an email shows you can't do it.
Become a paying client and I'll set it up for you....
Become a paying client and I'll give you an account on my system.
Email sent Fri, 27 Feb 2009 14:26:43 -0500 (11:26 PST).
Dear Jerry Stuckle,
Regarding the usenet thread where you've agreed to allow me to prove
that your PHP setup is potentially not secure from user's reading each
other's files using PHP, you've stated that I would have to pay for an
account.
This is fine. Please let me know the price for your lowest priced
shared hosting account and I will promptly remit payment. Please also
let me know the methods of payment available (such as paypal, or a
merchant interface).
By accepting this, you agree that I am allowed to test the security of
your PHP install, and not cause any damages or access any data that
would be against state or federal laws, and that this is simply to
illustrate that your PHP setup would allow one user on one account to
use PHP to access a file readable by the web server's user/group on
another, separate account.
Therefore, if you can ensure that you have some test setup with a
temporary user or your own, and not for one of your normal shared
hosting users, that would be best. I remind you that I'm not
interested in accessing any other data or doing anything malicious on
your server, but to example how your PHP setup is not as secure as you
believe it to be.
Thank you,
Tim Greer
Be assured that I will not post any of the account information or the
information regarding the server name, login, or IP publicly. This is
just a copy of what I have emailed to you.
Also, please don't avoid this by setting some unreasonably high price
for your lowest hosting plan, acting like you have to charge some high
premium because your services are "so specialized", when this is just a
very basic shared hosting account. I'm willing to do my part and
actually pay to show you, so don't try and avoid this because I called
your bluff. There's no reason why you can't have me show you, even if
you've actually said you needed to charge me to host the account, just
to prove what I'm saying to you.
--
Tim Greer, CEO/Founder/CTO, BurlyHost.com, Inc.
Shared Hosting, Reseller Hosting, Dedicated & Semi-Dedicated servers
and Custom Hosting. 24/7 support, 30 day guarantee, secure servers.
Industry's most experienced staff! -- Web Hosting With Muscle!
.
- Follow-Ups:
- Re: write with cURL
- From: Tim Greer
- Re: write with cURL
- References:
- write with cURL
- From: user
- Re: write with cURL
- From: Tim Greer
- Re: write with cURL
- From: Ylva Poelman
- Re: write with cURL
- From: Tim Greer
- Re: write with cURL
- From: Ylva Poelman
- Re: write with cURL
- From: Tim Greer
- Re: write with cURL
- From: Ylva Poelman
- Re: write with cURL
- From: Tim Greer
- Re: write with cURL
- From: Jerry Stuckle
- Re: write with cURL
- From: Tim Greer
- Re: write with cURL
- From: Jerry Stuckle
- Re: write with cURL
- From: Tim Greer
- Re: write with cURL
- From: Jerry Stuckle
- Re: write with cURL
- From: Tim Greer
- Re: write with cURL
- From: Jerry Stuckle
- Re: write with cURL
- From: Tim Greer
- Re: write with cURL
- From: Jerry Stuckle
- Re: write with cURL
- From: Tim Greer
- write with cURL
- Prev by Date: Re: write with cURL
- Next by Date: Zend C API
- Previous by thread: Re: write with cURL
- Next by thread: Re: write with cURL
- Index(es):
Relevant Pages
|
