RE: Writefile outside WebSTAR hierarchy?

This WebDNA talk-list message is from

1997


It keeps the original formatting.
numero = 13290
interpreted = N
texte = Ken ->Can writefile create files anywhere on the hard drive, or are these >files restricted to the webstar hierarchy?It can create files anywhere, which is useful if you store all your log files in a folder outside the WebSTAR hierarchy, for instance. Because this is only available as a context, you as administrator are the only one who can create files with [writefile].However, this brings up a potential security concern - you need to be careful about who is allowed to upload WebCatalog template files to your server, as the [writefile] context can both create files and overwrite existing files. This is a concern whether [writefile] is limited to the WebSTAR hierarchy or not. If you are allowing others to upload webcatalog files, keep this in mind and limit access to users you can trust (and always keep regular backups, whether it's for security or not! ;) )I hope this is clear,Marc Eagle StarNine Technologies http://www.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. RE: Writefile outside WebSTAR hierarchy? (Marc Eagle 1997)
  2. RE: Writefile outside WebSTAR hierarchy? (Daniel Cameron 1997)
Ken ->Can writefile create files anywhere on the hard drive, or are these >files restricted to the webstar hierarchy?It can create files anywhere, which is useful if you store all your log files in a folder outside the WebSTAR hierarchy, for instance. Because this is only available as a context, you as administrator are the only one who can create files with [writefile].However, this brings up a potential security concern - you need to be careful about who is allowed to upload WebCatalog template files to your server, as the [writefile] context can both create files and overwrite existing files. This is a concern whether [writefile] is limited to the WebSTAR hierarchy or not. If you are allowing others to upload webcatalog files, keep this in mind and limit access to users you can trust (and always keep regular backups, whether it's for security or not! ;) )I hope this is clear,Marc Eagle StarNine Technologies http://www.smithmicro.com/ Marc Eagle

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[searchString] (1997) japanese characters (1997) Question about Webcatalog and Webstar for Mac OS X (1998) problems with 2 tags shakur (1997) Nested tags count question (1997) SSL and reg web* (1997) Help! WebCat2 bug (1997) SUBSCRIBE (2000) 2 Item Cart Delete (2000) [WebDNA] [BULK] which of these tags exist in 7.0 (2011) Fun with dates (1997) WebCatalog2 Feature Feedback (1996) emailer settings and control questions (1997) Setting up WebCatalog with Retail Pro data (1996) searchable list archive (1997) Taxable Shipping (2003) [WebDNA] 3-5 GB of native WebDNA db in RAM?, else MySQL w/WebDNA [SQL] tags, else skip WebDNA altogether? (2009) Re:Cookies and WebCat?? (1999) WCf2 and nested tags (1997) [ShowNext] feature in 2.0 (1997)