You should always use a seperate domain for demo users. And yes, that's one of the problems in
webcp.
--- Clickweb backup MX <ju...@li...> wrote:
> Just learned this morning that a web://cp demo user can add or delete databases. In general, a
> demo user is prevented from doing any damage to the system but apparently the add/drop databases
> function skirts this protection. Someone seems to have dropped my phpbb forum database at
> forum.hostinghacks.net. had to restore from a backup two weeks old. Feel free to log in as a
> demo user and see what I mean. If you want to create or delete a database and try to do other
> stuff go ahead. I have put the phpbb into a seperate domain so it should be protected now.
>
> https://devel.moonshinehosting.com:2081
> user: demo
> pass: password
>
> Note for the archives: This is in webcp CVS. Not tested in FlexCP.
>
>
> -------------------------------------------------------
> This SF.Net email sponsored by Black Hat Briefings & Training.
> Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
> digital self defense, top technical experts, no vendor pitches,
> unmatched networking opportunities. Visit www.blackhat.com
> _______________________________________________
> flexcp-devel mailing list
> fle...@li...
> https://lists.sourceforge.net/lists/listinfo/flexcp-devel
>
=====
__________________________________
Do you Yahoo!?
Take Yahoo! Mail with you! Get it on your mobile phone.
http://mobile.yahoo.com/maildemo
|
