Re: WebCatalog security on NT
This WebDNA talk-list message is from 2000
It keeps the original formatting.
> >Hi,
> >
> >I would like to suggest a customer to offer webcat, on their NT web
> >hosting systems.
> >
> >I have seen some posts from Ken, and I know that is the case on a
> >Mac, that somebody with upload capabilities, could possibly cause *a
> >lot* of trouble, deleting files, running applescripts, messing with
> >the TCPSend command, and so on
> >
> >The customer offers web hosting services, with virtual domains, on
> >an NT box.
> >
> >Can webcat be told to run only in certain folders?
>
>No, that's the major problem preventing it from being a secure
>hosting tool. Webcat on NT can run DOS commands/scripts, so nothing
>is safe on NT, just like nothing is safe on Macintosh. Even without
>AppleScript/DOS contexts, webcat's ability to navigate the folder
>hierarchy with its standard features puts other sites in danger of
>being hacked quite easily.

Thanks Ken,

That was a pretty fast response...

So I assume that since people *do* host sites on NT, they still must have devised a method of doing that... What are the prevention steps that could be taken to have a somewhat secure hosting.

The same hosting box runs ColdFusion. Could ColdFusion navigate folder hierarchy, like webcat? Because if that's the case, I could suggest disabling the DOS commands, and then it would be posing the same risk as CF.

Serban
Associated Messages, from the most recent to the oldest:
Serban Constantinescu