Re: New Site Announcement
This WebDNA talk-list message is from 1998
It keeps the original formatting.
numero = 18608
interpreted = N
texte = Terry,It is a simple matter to do with the WebCat default settings. It isexplained in the manual how to change it. It is not a security hole, justchanging some settings:-))>>>>>Please visit http://www.blueheronhemp.com , all comments appreciated.>>>>>>>>Your pages look nice, but if I were a nasty person I could>>>>delete every record in your database ...>>>>>>Okay, I believe the hole is patched...>>>>I checked again and although I haven't tried to trash your blueheron.db, it>>still seems like I could because I'm still 'getting in' just like I did>>Mind letting the rest of us newer users in on this security hole? Are you>talking about the setting allowing only certain extensions to be shown>(i.e. disallowing .db), or the one about which commands are available>remotely or something else likely to be overlooked? As complex as webDNA>is, documentation _is_ publicly accessible for interested parties with no>need to know...>>Terry Wilson>>Terry Wilson>terryw@rainbowcreek.comRegards,****************************************************************Micheal O Sewww.compulive.com Internet Hosting Servicemicheal@compulive.com Database powered websites****************************************************************
Associated Messages, from the most recent to the oldest:
Terry,It is a simple matter to do with the WebCat default settings. It isexplained in the manual how to change it. It is not a security hole, justchanging some settings:-))>>>>>Please visit http://www.blueheronhemp.com , all comments appreciated.>>>>>>>>Your pages look nice, but if I were a nasty person I could>>>>delete every record in your database ...>>>>>>Okay, I believe the hole is patched...>>>>I checked again and although I haven't tried to trash your blueheron.db, it>>still seems like I could because I'm still 'getting in' just like I did>>Mind letting the rest of us newer users in on this security hole? Are you>talking about the setting allowing only certain extensions to be shown>(i.e. disallowing .db), or the one about which commands are available>remotely or something else likely to be overlooked? As complex as webDNA>is, documentation _is_ publicly accessible for interested parties with no>need to know...>>Terry Wilson>>Terry Wilson>terryw@rainbowcreek.comRegards,****************************************************************Micheal O Sewww.compulive.com Internet Hosting Servicemicheal@compulive.com Database powered websites****************************************************************
Mícheál O Sé
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Web Hosters with WebCatalog support (2000)
Answer: WebDelivery downloads alias, not original ? (1997)
Major Security Hole IIS NT (1998)
Search for dates greater than [date] (1997)
group searching problem (2002)
TCPConnect and SSL servers (2001)
Secure Server (1997)
calculating tax rates, mail order solutions and version 2 (1997)
using showpage and showcart commands (1996)
ODBC on OS 9 (2003)
Too Many Transmit Errors (2002)
using showpage and showcart commands (1996)
[WebDNA] Store module/site (2012)
MasterCounter - Does this work?? (1999)
Upgrading old WebCat Database Files (1997)
WebCatalog/WebMerchant Manuals Available (1998)
New Server? (2006)
YACBQ.....(Yet another checkbox question) (2000)
QuitFeedback & DBNotOpened errors (1997)
[WebDNA] Can't see were it's wrong.... (2017)