Security Flaw in Enhydra ??: msg#00034

java.enhydra.general

Subject: Security Flaw in Enhydra ??

Try this:
1. Create a new web application with appWizard, e.g. application created
under: /root/myProjects/sampleApp/
2. Add the application to Enhydra Multiserver using admin console:
- Application Type: War
- Name: /root/myProjects/sampleApp/output/lib/sampleApp.war
- Document Root: /
3. Create connection
- Connection method: http
- URL prefix: /sampleApp or anything appropriate
- Choose any appropriate port
4. Start the application

Now, try to access the application with your browser, e.g.
http://localhost:10000/sampleApp, and WOW, you can browse the root directory of
your file system!!
Is this some kind of bug??

I tried this with Enhydra 5.0 and 5.1 beta 8 on my Linux box.

Regards,
Agung Yogaswara
