Re: PROBLEMS WITH PROTECT TAG

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 58569
interpreted = N
texte = Is the group "admin" a loosly used group that the clients have access to? Generally, admin would be a 'master group' that could access any stores as needed by the developer/web host should it be included in the protect tag. The group "courtesy" would then be the client's personal group and they should only have access via that account. "Admin" would grant access to the WebDNA settings (control panel) as well, so you don't want anyone to have that user/pass except for the person running the server. GK At 03:06 PM 6/23/2004, you wrote: >Hello. I sure hope someone can help. We've been using WebDNA for some time >now and a former programmer has left our systems in a compromised situation. > >Our clients are able to log into other client's web sites using user names >and passwords from different groups. > >Example. > >Client A has a protect that includes their group and an admin group. >[protect courtesy admin] > >For some reason, another user from another group is able to log into the >site mentioned above, despite the fact their user name is not in that >group. What have we done here and is there a place where I could look to >uncover this issue? > >Thanks ahead of time... > >David Cate >New Media Director >The GoTriCities Network- http://www.gotricities.net ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: PROBLEMS WITH PROTECT TAG ( "Dan Strong" 2004)
  2. Re: PROBLEMS WITH PROTECT TAG ( "Sal D'Anna" 2004)
  3. Re: PROBLEMS WITH PROTECT TAG ( Donovan Brooke 2004)
  4. Re: PROBLEMS WITH PROTECT TAG ( "Dan Strong" 2004)
  5. Re: PROBLEMS WITH PROTECT TAG ( Donovan Brooke 2004)
  6. Re: PROBLEMS WITH PROTECT TAG ( devaulw@onebox.com 2004)
  7. Re: PROBLEMS WITH PROTECT TAG ( Gary Krockover 2004)
  8. Re: PROBLEMS WITH PROTECT TAG ( Donovan Brooke 2004)
  9. Re: PROBLEMS WITH PROTECT TAG ( David Cate 2004)
  10. Re: PROBLEMS WITH PROTECT TAG ( Gary Krockover 2004)
  11. Re: PROBLEMS WITH PROTECT TAG ( Donovan Brooke 2004)
  12. PROBLEMS WITH PROTECT TAG ( David Cate 2004)
Is the group "admin" a loosly used group that the clients have access to? Generally, admin would be a 'master group' that could access any stores as needed by the developer/web host should it be included in the protect tag. The group "courtesy" would then be the client's personal group and they should only have access via that account. "Admin" would grant access to the WebDNA settings (control panel) as well, so you don't want anyone to have that user/pass except for the person running the server. GK At 03:06 PM 6/23/2004, you wrote: >Hello. I sure hope someone can help. We've been using WebDNA for some time >now and a former programmer has left our systems in a compromised situation. > >Our clients are able to log into other client's web sites using user names >and passwords from different groups. > >Example. > >Client A has a protect that includes their group and an admin group. >[protect courtesy admin] > >For some reason, another user from another group is able to log into the >site mentioned above, despite the fact their user name is not in that >group. What have we done here and is there a place where I could look to >uncover this issue? > >Thanks ahead of time... > >David Cate >New Media Director >The GoTriCities Network- http://www.gotricities.net ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Gary Krockover

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

HTML Emails To Eudora For Windows (2005) Shell Script needed (2003) Emailer choke (1997) E-mail Attachments (1997) webmerchant/ Mac Auth. and CC refunds (1998) ShowNext for method=POST (1997) Nested tags count question (1997) Formulas What if. (1999) NT considerations (1997) Frames and WebCat (1997) Uh...can someone help me out with the b10? (1997) UPS tracking number (2003) WebCat, sudo and ImageMagick (2002) Runtime version ... (2003) remotely add + sign (1997) sorting dates (1999) PSC recommends what date format yr 2000??? (1997) HTML Editors (1997) placement of ? (2000) emailer (1997)