Re: WebCatalog security on NT

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 27183
interpreted = N
texte = >Hi, > >I would like to suggest a customer to offer webcat, on their NT web >hosting systems. > >I have seen some posts from Ken, and I know that is the case on a >Mac, that somebody with upload capabilities, could possibly cause *a >lot* of trouble, deleting files, running applescripts, messing with >the TCPSend command, and so on > >The customer offers web hosting services, with virtual domains, on an NT box. > >Can webcat be told to run only in certain folders?No, that's the major problem preventing it from being a secure hosting tool. Webcat on NT can run DOS commands/scripts, so nothing is safe on NT, just like nothing is safe on Macintosh. Even without AppleScript/DOS contexts, webcat's ability to navigate the folder hierarchy with its standard features puts other sites in danger of being hacked quite easily.================================ Kenneth Grome, WebDNA Consultant 808-737-6499, http://webdna.net ================================------------------------------------------------------------- Brought to you by CommuniGate Pro - The Buzz Word Compliant Messaging Server. To end your Mail problems go to .This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Associated Messages, from the most recent to the oldest:

    
  1. Re: WebCatalog security on NT (JHowarth@smithmicro.com 2000)
  2. Re: WebCatalog security on NT (Kenneth Grome 2000)
  3. Re: WebCatalog security on NT (David M. Dantowitz 2000)
  4. Re: WebCatalog security on NT (Kenneth Grome 2000)
  5. Re: WebCatalog security on NT (Serban Constantinescu 2000)
  6. Re: WebCatalog security on NT (Kenneth Grome 2000)
  7. WebCatalog security on NT (Serban Constantinescu 2000)
>Hi, > >I would like to suggest a customer to offer webcat, on their NT web >hosting systems. > >I have seen some posts from Ken, and I know that is the case on a >Mac, that somebody with upload capabilities, could possibly cause *a >lot* of trouble, deleting files, running applescripts, messing with >the TCPSend command, and so on > >The customer offers web hosting services, with virtual domains, on an NT box. > >Can webcat be told to run only in certain folders?No, that's the major problem preventing it from being a secure hosting tool. Webcat on NT can run DOS commands/scripts, so nothing is safe on NT, just like nothing is safe on Macintosh. Even without AppleScript/DOS contexts, webcat's ability to navigate the folder hierarchy with its standard features puts other sites in danger of being hacked quite easily.================================ Kenneth Grome, WebDNA Consultant 808-737-6499, http://webdna.net ================================------------------------------------------------------------- Brought to you by CommuniGate Pro - The Buzz Word Compliant Messaging Server. To end your Mail problems go to .This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Kenneth Grome

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

sandboxes with 6.0 (2004) When stuck, re-install. Thanks Guys. (2000) Webstar v (2001) Another question (1997) Protect and Serve (1999) problems with 2 tags (1997) Euca Links Manager (2003) Mac & Internet Explorer (2000) [OT] MACWORLD (2003) ShowNext (1997) WebCat2 beta 11 - new prefs ... (1997) Carraige returns [sendmail] (2004) relogin same user? (1998) Subject: Authenticating users without dialog box (1997) Emailer setup (1997) My solution... (1996) Quitting WebMerchant ? (1997) Math (1997) RE: [WebDNA] Sorting -- Dealing with Blanks (2008) read and write you own cookies with webcat (1997)