RE: Writefile outside WebSTAR hierarchy?

This WebDNA talk-list message is from

1997

It keeps the original formatting. numero = 13273
interpreted = N
texte = At 03:44 PM 9/2/97, you wrote:>Ken ->>>Can writefile create files anywhere on the hard drive, or are these>>files restricted to the webstar hierarchy?>>It can create files anywhere, which is useful if you store all your logfiles in a folder outside the WebSTAR hierarchy, for instance. Becausethis is only available as a context, you as administrator are the only onewho can create files with [writefile].>>However, this brings up a potential security concern - you need to becareful about who is allowed to upload WebCatalog template files to yourserver, as the [writefile] context can both create files and overwriteexisting files. This is a concern whether [writefile] is limited to theWebSTAR hierarchy or not. If you are allowing others to upload webcatalogfiles, keep this in mind and limit access to users you can trust (andalways keep regular backups, whether it's for security or not! ;) )>>I hope this is clear,>>Marc Eagle>StarNine Technologies>http://www.smithmicro.com/>Marc,Does this apply to Windows NT servers as well? Can [writefile] create oroverwrite files outside of the webroot of the server?According to our systems engineer, if you can do this, the [writefile]would be generating files with the equivalent of administrator access. Notnice for security.........................................................................W O R L D P O I N T I N T E R A C T I V E DANIEL CAMERON web engineerHonolulu San Francisco 2800 woodlawn drive 222 sutter street dcameron@worldpoint.com suite 170 sixth floor www.worldpoint.com honolulu, hi 96822 san francisco, ca 94108 voice.808.539.3932 fax.808.539.3943 page.808.598.8640..................................................................... Associated Messages, from the most recent to the oldest:

RE: Writefile outside WebSTAR hierarchy? (Marc Eagle 1997)
RE: Writefile outside WebSTAR hierarchy? (Daniel Cameron 1997)

At 03:44 PM 9/2/97, you wrote:>Ken ->>>Can writefile create files anywhere on the hard drive, or are these>>files restricted to the webstar hierarchy?>>It can create files anywhere, which is useful if you store all your logfiles in a folder outside the WebSTAR hierarchy, for instance. Becausethis is only available as a context, you as administrator are the only onewho can create files with [writefile].>>However, this brings up a potential security concern - you need to becareful about who is allowed to upload WebCatalog template files to yourserver, as the [writefile] context can both create files and overwriteexisting files. This is a concern whether [writefile] is limited to theWebSTAR hierarchy or not. If you are allowing others to upload webcatalogfiles, keep this in mind and limit access to users you can trust (andalways keep regular backups, whether it's for security or not! ;) )>>I hope this is clear,>>Marc Eagle>StarNine Technologies>http://www.smithmicro.com/>Marc,Does this apply to Windows NT servers as well? Can [writefile] create oroverwrite files outside of the webroot of the server?According to our systems engineer, if you can do this, the [writefile]would be generating files with the equivalent of administrator access. Notnice for security.........................................................................W O R L D P O I N T I N T E R A C T I V E DANIEL CAMERON web engineerHonolulu San Francisco 2800 woodlawn drive 222 sutter street dcameron@worldpoint.com suite 170 sixth floor www.worldpoint.com honolulu, hi 96822 san francisco, ca 94108 voice.808.539.3932 fax.808.539.3943 page.808.598.8640..................................................................... Daniel Cameron

DOWNLOAD WEBDNA NOW!

RE: Writefile outside WebSTAR hierarchy?

1997

Top Articles:

Related Readings: