Re: possibility of compromise of bug tracker, etc : msg#00031

Re: possibility of compromise of bug tracker, etc for SF projects running p: msg#00031

Subject:	Re: possibility of compromise of bug tracker, etc for SF projects running phpwiki

On Mon, 2004-01-12 at 14:30, Robert Dodier wrote:
> Hello,

I guess the question is could phpwiki offer access to other resources.

I see a few possibilities:

1)  Access to files not available to the web interface, but available to
the web user.

2)  Access to databases via open connections and bad sql checking.

The first seems to be in the range of "any php script."

The second is nixed if the DB user the wiki uses is not the same as any
other DB user.


-- 
Zot O'Connor

http://www.ZotConsulting.com
http://www.WhiteKnightHackers.com



-------------------------------------------------------
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration Management System offering
advanced branching capabilities and atomic changes on 50+ platforms.
Free Eval! http://www.perforce.com/perforce/loadprog.html

Special educational offers, white papers, webcasts, podcasts

WEBCAST: Offshore software development: Making it a success with agile practices. Register Now:

WEBCAST: IBM WebSphere Portal V6.1 Web 2.0 Capabilities. Register Now:

WHITE PAPER: Best practices for software analysis (Best Practices)

DOWNLOAD NEW E-KIT: Download the IBM pureXML Developers Kit:

DOWNLOAD: Rational Trial Software – Rational Team Concert Free Information:

TUTORIAL: Debug iPhone Web applications with Eclipse

Try Searching:
servers, voip, java, networking, microsoft ...

<Prev in Thread]	Current Thread	[Next in Thread>

Previous by Date:	possibility of compromise of bug tracker, etc for SF projects running phpwiki, Robert Dodier
Next by Date:	Re: Assertion failed errors on flatfile phpwiki, Norberto Meijome
Previous by Thread:	possibility of compromise of bug tracker, etc for SF projects running phpwiki, Robert Dodier
Next by Thread:	Edit homepage error, Rodney Kanno
Indexes:	[Date] [Thread] [Top] [All Lists]

^^^ ADDITIONAL NAVIGATION ^^^

Recently Viewed:
file-systems.op... xfree86.newbie/... bug-tracking.bu... apache.shale.de... windows.unatten... vserver/2004-06... yellowdog.gener... security.ids.pr... russian.linuxta... text.xml.svg.de... linux.redhat.ol... qplus.devel/200... kde.devel.kdeve... java.xwt.genera... gnu.gnupg.users... mail.bogofilter... hardware.openco... politics.activi... ide.lazarus.gen... network.nagios.... os.netbsd.devel... encryption.gpg.... dragonfly-bsd.k...

Home | blog view | USPTO Patent Archive (NEW!) | advertise | OSDir is an inevitable website. super tiny logo