A question about security

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 16551
interpreted = N
texte = I am just about to buy Wcat 2.1 Mac but now I am not shure if I understand the WCat manual correctly.In the Wcat preferences, you can specify all commands that you want to be used by anonymous visitors by (Allow Commands). If I want to use an online store like Tea Room, I have to allow commands like replace, add, search, delete and so on.But now, ANY user can edit ANY record in ANY database used by Wcat on my server, if he is smart enough to understand the command syntax.Even if he has to find a fitting template to SEE contents, he can do enough to get me in serious trouble.Because I want to host an online store on my server, and also some confidential databases which I want to use for online-games (I am using contexts there for security reasons), I guess I am in a bit of trouble now.Or am I missing something?RegardsMatthias Precht Associated Messages, from the most recent to the oldest:

    
  1. Re: A question about security (Kenneth Grome 1998)
  2. Re: A question about security (Grant Hulbert 1998)
  3. A question about security (Matthias Precht 1998)
I am just about to buy Wcat 2.1 Mac but now I am not shure if I understand the WCat manual correctly.In the Wcat preferences, you can specify all commands that you want to be used by anonymous visitors by (Allow Commands). If I want to use an online store like Tea Room, I have to allow commands like replace, add, search, delete and so on.But now, ANY user can edit ANY record in ANY database used by Wcat on my server, if he is smart enough to understand the command syntax.Even if he has to find a fitting template to SEE contents, he can do enough to get me in serious trouble.Because I want to host an online store on my server, and also some confidential databases which I want to use for online-games (I am using contexts there for security reasons), I guess I am in a bit of trouble now.Or am I missing something?RegardsMatthias Precht Matthias Precht

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

quotes and truncating? (1997) Nested [tags] (2001) Help! WebCat2 bug (1997) switching users (1998) WebCat2 - [format thousands] (1997) [OT] Deploying XRAID (2003) taxTotal, too (1997) Selected Item in Pop-down (2003) find with exceptions (1997) RE: format problem on NT? (1997) web delivery (1997) [WebDNA] path traversal (2020) Enterprise Server (1998) WebCat b13 CGI -shownext- (1997) search form problem.. (1997) How to append text after the sign & (1997) WC2b15 File Corruption (1997) [WebDNA] WebDNA slow processing - conclusion (2011) FORMS: Returning a specific page (1997) shoppingcart reload qty (1997)