[Phpgroupware-users] The anonymous user problem...

phpgroupware-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Phpgroupware-users] The anonymous user problem...

From:	Marco Gaiarin
Subject:	[Phpgroupware-users] The anonymous user problem...
Date:	Thu, 6 Nov 2003 15:55:23 +0100
User-agent:	Mutt/1.5.4i

We have just dissected the problem that arises when you setup the guest
user that use sitemgr to run the phpwebhosting application.

A malicious user can use the phpwebhosting application and fill the
database and filesystem with file.
Can i:

1) put some quota on user, preventing guest user from fill the FS

2) disable the guest user to upload file at all

3) make some script that delete file.

4) ...


so, some sort of quick hack to prevent this?!

-- 
dott. Marco Gaiarin                                 GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''                http://www.sv.lnf.it/
  Polo FVG  -  Via della Bontà, 7 - 33078  -  San Vito al Tagliamento (PN)
  gaio(at)sv.lnf.it             tel +39-0434-842711    fax +39-0434-842797

         Proteggiamo l'innovazione in Europa: no ai brevetti software
                           http://swpat.xsec.it/

[Prev in Thread]

Current Thread

[Next in Thread]

[Phpgroupware-users] The anonymous user problem..., Marco Gaiarin <=
- Re: [Phpgroupware-users] The anonymous user problem..., Brian Johnson, 2003/11/06
- Re: [Phpgroupware-users] The anonymous user problem..., Brian Johnson, 2003/11/06
- Re: [Phpgroupware-users] The anonymous user problem..., Chris Weiss, 2003/11/06
  - Re: [Phpgroupware-users] The anonymous user problem..., Marco Gaiarin, 2003/11/07

Prev by Date: Re: [Phpgroupware-users] sitemgr UNMANTAINED?! ;(((
Next by Date: Re: [Phpgroupware-users] The anonymous user problem...
Previous by thread: [Phpgroupware-users] Before posting another one of my strange bug reports...
Next by thread: Re: [Phpgroupware-users] The anonymous user problem...
Index(es):
- Date
- Thread