Re: Protect
This WebDNA talk-list message is from 1997
It keeps the original formatting.
numero = 14256
interpreted = N
texte = >I think you should give some very serious thought to allowing ANY of>your users to create WebDNA templates on your site. My personal>opinion is that it is not worth the risk.People coming from UNIX and NT backgrounds don't normally have these concerns -- end-users are allowed to upload programs and execute them with no fear of malicious 'crossover', because the programs execute with lower security settings that only allow changes to stuff they have rights to change. MacOS was not designed for such an environment, and we realize this is a limitation that should be addressed.We are investigating ways of making WebDNA less susceptible to such issues. For now, you should all realize that anyone who can create templates has incredible power over your web server, and Bennie's Fear of God approach is probably the best for his situation.Grant Hulbert, V.P. Engineering | ==== eCommerce for the Rest of Us ====Pacific Coast Software | WebCatalog, WebMerchant11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMasterSan Diego, CA 92128 | SiteGuard619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com
Associated Messages, from the most recent to the oldest:
>I think you should give some very serious thought to allowing ANY of>your users to create WebDNA templates on your site. My personal>opinion is that it is not worth the risk.People coming from UNIX and NT backgrounds don't normally have these concerns -- end-users are allowed to upload programs and execute them with no fear of malicious 'crossover', because the programs execute with lower security settings that only allow changes to stuff they have rights to change. MacOS was not designed for such an environment, and we realize this is a limitation that should be addressed.We are investigating ways of making WebDNA less susceptible to such issues. For now, you should all realize that anyone who can create templates has incredible power over your web server, and Bennie's Fear of God approach is probably the best for his situation.Grant Hulbert, V.P. Engineering | ==== eCommerce for the Rest of Us ====Pacific Coast Software | WebCatalog, WebMerchant11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMasterSan Diego, CA 92128 | SiteGuard619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com
Grant Hulbert
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
URGENT: WebDNA Server Not Running (2003)
Hiding HTML and page breaks (1997)
using showpage and showcart commands (1996)
WebCatalog2 Feature Feedback (1996)
WebCat2 - Getting to the browser's username/password data (1997)
displaying New products (using [date]) (1997)
Javascript/WebCatalog form population (2001)
cookies (2001)
# of real domains on 1 web server (1997)
sorted cart? (1998)
Error Lob.db records error message not name (1997)
[WebDNA] reCAPTCHA and WebDNA (2010)
X etc.... (1999)
Banner ads (2000)
WebCatalog for guestbook ? (1997)
Server crash (1997)
TaxTotal Problem (1997)
Post (1997)
multiple product databases (1997)
I don't think my install worked (2003)