Menu
▾
▴
RE: [Phpwiki-talk] Status of the UpLoad.php plugin?
|
From: electron <ele...@mg...> - 2004-03-07 19:53:35
|
Since the upload plugin doesn't currently do any bounds checking, a malicious user can upload a hackme.php and do malicious things. I can = come up with a fun list if you really want. Hence why the plugin is currently admin only :/ -Jtp I've stopped 7,458 spam messages. You can too! One month FREE spam protection at http://www.cloudmark.com/spamnetsig/} -----Original Message----- From: php...@li... [mailto:php...@li...] On Behalf Of Robert = Dodier Sent: Sunday, March 07, 2004 1:24 PM To: php...@li... Subject: [Phpwiki-talk] Status of the UpLoad.php plugin? Hello, I set up a wiki for the Maxima project. Works great! I just need to drum up more interest. 8^) I'm considering enabling file uploads for general users. I see that the UpLoad.php plugin script is enabled for the administrator only by default. Is the script suitable for general use (by disabling the administrator requirement), or is there something fundamentally not OK about it? Any comments you might have about UpLoad.php or file uploading in general are very welcome. regards, Robert Dodier __________________________________ Do you Yahoo!? Yahoo! Search - Find what you're looking for faster http://search.yahoo.com ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=3D1470&alloc_id=3D3638&op=3Dcli= ck _______________________________________________ Phpwiki-talk mailing list Php...@li... https://lists.sourceforge.net/lists/listinfo/phpwiki-talk |
