Re: Can anybody communicate with the operating system without the php server?
- From: "Mason Barge" <masonbarge@xxxxxxxxxxx>
- Date: Thu, 28 Feb 2008 10:05:37 -0500
"Fro" <showandbeshown@xxxxxxxxx> wrote in message news:c0cafc32-d170-4ff5-a48e-b751d514e47f@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
I have a php-script which writes uploaded files into a directory. My
php-script gives a specific names to the saved files. I found in the
directory a file which has a name which could not be given by the php-
script. Could it be that somebody (which is not a user of the
operating system) communicate with the operating system (creates
files) without the usage of my php-script? Or it is impossible and I
have to search for a mistake in my script?
Thank you!
Sure, they could hack your server, either just your personal account data or else the entire server. But it's 100 or 1000 times more likely that they breached security through a file upload, if you use a reputable third-party host.
.
- Follow-Ups:
- References:
- Prev by Date: Re: ISSET() question
- Next by Date: Re: DOCTYPE
- Previous by thread: Re: Can anybody communicate with the operating system without the php server?
- Next by thread: Re: Can anybody communicate with the operating system without the php server?
- Index(es):
Relevant Pages
|
