Re: Uploading a file without a form????
From: J.O. Aho (user_at_example.net)
Date: 11/17/04
- Next message: Berislav Lopac: "Re: Uploading a file without a form????"
- Previous message: leegold2: "Re: can I "dispose" of an array?"
- In reply to: Craig Keightley: "Re: Uploading a file without a form????"
- Next in thread: Berislav Lopac: "Re: Uploading a file without a form????"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 17 Nov 2004 14:42:42 +0100
Craig Keightley wrote:
> thats OK, i've now discovered it can cause a major security flaw causing
> anyone to get any file from any pc without the user knowing
Enforce user group priviliges so that the http server can't access files that
it's not supposed to have access to, or/and run it in a chroot environment.
//Aho
- Next message: Berislav Lopac: "Re: Uploading a file without a form????"
- Previous message: leegold2: "Re: can I "dispose" of an array?"
- In reply to: Craig Keightley: "Re: Uploading a file without a form????"
- Next in thread: Berislav Lopac: "Re: Uploading a file without a form????"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
