Re: Protect
This WebDNA talk-list message is from 1997
It keeps the original formatting.
numero = 14256
interpreted = N
texte = >I think you should give some very serious thought to allowing ANY of>your users to create WebDNA templates on your site. My personal>opinion is that it is not worth the risk.People coming from UNIX and NT backgrounds don't normally have these concerns -- end-users are allowed to upload programs and execute them with no fear of malicious 'crossover', because the programs execute with lower security settings that only allow changes to stuff they have rights to change. MacOS was not designed for such an environment, and we realize this is a limitation that should be addressed.We are investigating ways of making WebDNA less susceptible to such issues. For now, you should all realize that anyone who can create templates has incredible power over your web server, and Bennie's Fear of God approach is probably the best for his situation.Grant Hulbert, V.P. Engineering | ==== eCommerce for the Rest of Us ====Pacific Coast Software | WebCatalog, WebMerchant11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMasterSan Diego, CA 92128 | SiteGuard619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com
Associated Messages, from the most recent to the oldest:
>I think you should give some very serious thought to allowing ANY of>your users to create WebDNA templates on your site. My personal>opinion is that it is not worth the risk.People coming from UNIX and NT backgrounds don't normally have these concerns -- end-users are allowed to upload programs and execute them with no fear of malicious 'crossover', because the programs execute with lower security settings that only allow changes to stuff they have rights to change. MacOS was not designed for such an environment, and we realize this is a limitation that should be addressed.We are investigating ways of making WebDNA less susceptible to such issues. For now, you should all realize that anyone who can create templates has incredible power over your web server, and Bennie's Fear of God approach is probably the best for his situation.Grant Hulbert, V.P. Engineering | ==== eCommerce for the Rest of Us ====Pacific Coast Software | WebCatalog, WebMerchant11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMasterSan Diego, CA 92128 | SiteGuard619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com
Grant Hulbert
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Include (2000)
Costings slightly OT (2000)
Generating unique SKU from [cart] - FIXED! (1997)
Standardize Address :: USPS (2005)
searchable list archive (1997)
[WebDNA] WebDNA future (2010)
WebCatalog for guestbook ? (1997)
WC Database Format (1997)
searchable list archive (1997)
Back Button problems (1998)
Queertrons? (1997)
RE: ANother SHOWIF problem (1997)
Formulas.db + Users.db (1997)
$purchase WITHOUT creditcar (1997)
RE: too many nested [xxx] (1997)
Where is eudora plugin? (1998)
No Access warning when caching HTML files (1997)
Trouble with formula.db (1997)
WC2/Mac -- Forms not submitting correctly with Mac browsers (1997)
Another Excel Problem (2003)