Re: [Ids-devel] Users' suggestions

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

>Java != Javascript.

Nonetheless it kills Netscrape just as dead.

>you using IDS for, where people wouldn't already have the ability to
>upload arbitrary files by other means?  Also, whose security is
>compromised by this?

Imagine a zip file that contains ../index.cgi, which itself contains

#!/bin/sh
rm -rf /usr/local/apache

or such, in the default case where IDS isn't running under suexec.