Re: Protecting databases

This WebDNA talk-list message is from

1999


It keeps the original formatting.
numero = 23892
interpreted = N
texte = Hmm....Well maybe they just don't need to be told about WebDNA then >>My plan was not to let them use the databases, rather just the server >>side features within their webpages. > >The server-side features in the webdna language can *easily* delete >folders, web pages, databases, etc., anywhere in your website. Nothing is >safe if you let your users write their own webdna tags without checking >those tags yourself. > >>Since they won't know my database names and can't view my >>code, I don't think it will be mcuh of a problem. > >Your assumptions are going to get you into trouble some day. Anyone with >FTP access to any part of your site could easily (accidentally or >otherwise) delete or destroy individual files or possibly entire folders >full of files. > >>Of course I can always not put my databases in the 'globals' folder and >>that would make it even harder as they do not have access to the files >>under my primary domains - only their own. > >It doesn't have anything to do with whether or not you put your db's in >the 'globals' folder or any other folder. WebDNA is NOT restricted to >individual domain folders. > >Sincerely, >Kenneth Grome >WebDNA Consultant Associated Messages, from the most recent to the oldest:

    
  1. Re: Protecting databases (webcat 1999)
  2. Re: Protecting databases (Kenneth Grome 1999)
  3. Re: Protecting databases (webcat 1999)
  4. Re: Protecting databases (Kenneth Grome 1999)
  5. Protecting databases (webcat 1999)
Hmm....Well maybe they just don't need to be told about WebDNA then >>My plan was not to let them use the databases, rather just the server >>side features within their webpages. > >The server-side features in the webdna language can *easily* delete >folders, web pages, databases, etc., anywhere in your website. Nothing is >safe if you let your users write their own webdna tags without checking >those tags yourself. > >>Since they won't know my database names and can't view my >>code, I don't think it will be mcuh of a problem. > >Your assumptions are going to get you into trouble some day. Anyone with >FTP access to any part of your site could easily (accidentally or >otherwise) delete or destroy individual files or possibly entire folders >full of files. > >>Of course I can always not put my databases in the 'globals' folder and >>that would make it even harder as they do not have access to the files >>under my primary domains - only their own. > >It doesn't have anything to do with whether or not you put your db's in >the 'globals' folder or any other folder. WebDNA is NOT restricted to >individual domain folders. > >Sincerely, >Kenneth Grome >WebDNA Consultant webcat

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Major Security Hole (solution with Welcome) (1998) Trigger alternatives please ... (2004) Summing fields (1997) WebCatalog 4.0.2b5 available (2000) LookUp Tag (1997) Practice runs ? (1997) Only charge card when product shipped ? (1997) WebDNA Solutions ... sorry! (1997) Safari browser and WebDNA set-cookies (2003) 5.1: Can't enter serial number (2004) Make sure I understand this??? (1997) Frames and WebCat (1997) Protect vs Authenicate (1997) Some Questions (1997) close to search (2001) Live hits (2003) Great product and great job ! (1997) tag request (1999) WebCat2b13MacPlugIn - [showif][search][/showif] (1997) Welcome Back (was) Newbie Question (1999)