Re: [listfiles] anomaly

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 50123
interpreted = N
texte = In the words of homer simpson: doh!On 5/7/03 1:02 PM, Joe D'Andrea wrote:> Couldn't figure out whether to label this an exploit, bug, oversight > or what... so I settled on anomaly. > > Put this in a template: > > [listfiles] > [filename] > [/listfiles] > > And you will get a list of the files in your WebSTAR root folder. It > doesn't matter where on your server you put the template, you will > always get a list of files in the W* root. > > Clearly, there is some coder error here as I left out the required > path= parameter. But since the docs clearly say that path= is a > required parameter, shouldn't WebCat protect me from myself when I > don't include a required parameter? > > I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user > leaves out the required parameter? Do they get access to stuff they > shouldn't? > > ~joe > ----------------------------- Daniel Schutzsmith Senior Web Developer Berlin Productions, Inc. dan@berlinprod.com http://www.berlinprod.com (914) 683-5759 (914) 683-5751 fax ----------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: [listfiles] anomaly (Rob Marquardt 2003)
  2. Re: [listfiles] anomaly (Gary Krockover 2003)
  3. Re: [listfiles] anomaly (Daniel Schutzsmith 2003)
  4. [listfiles] anomaly (Joe D'Andrea 2003)
In the words of homer simpson: doh!On 5/7/03 1:02 PM, Joe D'Andrea wrote:> Couldn't figure out whether to label this an exploit, bug, oversight > or what... so I settled on anomaly. > > Put this in a template: > > [listfiles] > [filename] > [/listfiles] > > And you will get a list of the files in your WebSTAR root folder. It > doesn't matter where on your server you put the template, you will > always get a list of files in the W* root. > > Clearly, there is some coder error here as I left out the required > path= parameter. But since the docs clearly say that path= is a > required parameter, shouldn't WebCat protect me from myself when I > don't include a required parameter? > > I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user > leaves out the required parameter? Do they get access to stuff they > shouldn't? > > ~joe > ----------------------------- Daniel Schutzsmith Senior Web Developer Berlin Productions, Inc. dan@berlinprod.com http://www.berlinprod.com (914) 683-5759 (914) 683-5751 fax ----------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Daniel Schutzsmith

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Sense/Disallow HTML tags during $Append (1997) Bug or syntax error on my part? (1997) French characters in variables (2001) Sample Tea Room Search Error (1997) embedding commands in form (1999) Help name our technology! (1997) Claris HomePage messes up the code (1997) Less than or equal to........ (1997) Re:no [search] with NT (1997) [WebDNA] Before I write this AJAX code from scratch ... (2015) hideif [x]=1,2,3.. (2003) Netscape v. IE (1997) Resume Catalog ? (1997) [WebDNA] Moving to Sandbox broke price (2009) [OT] HTML render (2003) more on the Shipcost update problem (1997) Multiple prices (1997) Re:[input] context (1999) path hierarchy notation (1998) [input] [/input] (1997)