I guess your comment "The less secure everything else is....." is the best answer.
I'm developing a CMS where logged-in, selected users can create new directories and pages in them. I'm comfortable that
my code is secure. I'm using php's ftp functions, with good security, to mkdir and create special files. Guess, I'll
go to the trouble to change permissions to create new stuff and then restore them to 755 and 644.
Thanks everyone.
Robert Cummings wrote:
On Fri, 2007-05-18 at 20:16 -0400, Al wrote:
How can anyone, other than the staff, get into my site? Far as I know, other users can't get out of their own domain
space and into mine.
Bugs in your code, bugs in third-party code, bugs in PHP itself,
sometimes they can be abused to take advantage of your server. The less
secure everything else is, the greater the advantage that can be taken.
Just ask anyone who's had their site defaced.
Cheers,
Rob.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
