Re: New Site Announcement
This WebDNA talk-list message is from 1998
It keeps the original formatting.
numero = 18608
interpreted = N
texte = Terry,It is a simple matter to do with the WebCat default settings. It isexplained in the manual how to change it. It is not a security hole, justchanging some settings:-))>>>>>Please visit http://www.blueheronhemp.com , all comments appreciated.>>>>>>>>Your pages look nice, but if I were a nasty person I could>>>>delete every record in your database ...>>>>>>Okay, I believe the hole is patched...>>>>I checked again and although I haven't tried to trash your blueheron.db, it>>still seems like I could because I'm still 'getting in' just like I did>>Mind letting the rest of us newer users in on this security hole? Are you>talking about the setting allowing only certain extensions to be shown>(i.e. disallowing .db), or the one about which commands are available>remotely or something else likely to be overlooked? As complex as webDNA>is, documentation _is_ publicly accessible for interested parties with no>need to know...>>Terry Wilson>>Terry Wilson>terryw@rainbowcreek.comRegards,****************************************************************Micheal O Sewww.compulive.com Internet Hosting Servicemicheal@compulive.com Database powered websites****************************************************************
Associated Messages, from the most recent to the oldest:
Terry,It is a simple matter to do with the WebCat default settings. It isexplained in the manual how to change it. It is not a security hole, justchanging some settings:-))>>>>>Please visit http://www.blueheronhemp.com , all comments appreciated.>>>>>>>>Your pages look nice, but if I were a nasty person I could>>>>delete every record in your database ...>>>>>>Okay, I believe the hole is patched...>>>>I checked again and although I haven't tried to trash your blueheron.db, it>>still seems like I could because I'm still 'getting in' just like I did>>Mind letting the rest of us newer users in on this security hole? Are you>talking about the setting allowing only certain extensions to be shown>(i.e. disallowing .db), or the one about which commands are available>remotely or something else likely to be overlooked? As complex as webDNA>is, documentation _is_ publicly accessible for interested parties with no>need to know...>>Terry Wilson>>Terry Wilson>terryw@rainbowcreek.comRegards,****************************************************************Micheal O Sewww.compulive.com Internet Hosting Servicemicheal@compulive.com Database powered websites****************************************************************
Mícheál O Sé
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
multiple skus (2000)
Order not created error (1997)
Grant, please help me ... (1997)
summarizing multiple fields (2000)
type 2 errors with ssl server (1997)
[OT] (waaaay OT) further off topic than before (2004)
[LOOKUP] (1997)
Email template names (1997)
WebCat2 several catalogs? (1997)
Problems appending to database (1997)
sort without the or a (1998)
[returnraw] and form variables (1998)
list cookies and list http headers (1997)
Starting WebCatalog on Linux (2000)
get vs post - Back to Basics. (2001)
Date problems-more (1997)
PSC recommends what date format yr 2000??? (1997)
Cookies and WebTV (1999)
Error: this shopping cart has already been submittedm (2004)
Help formatting search results w/ table (1997)