[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-dev] [Bug #1070] User can run php scripts via file uploading?
From: |
nobody |
Subject: |
[Savannah-dev] [Bug #1070] User can run php scripts via file uploading? |
Date: |
Thu, 19 Sep 2002 04:00:17 -0400 |
=================== BUG #1070: LATEST MODIFICATIONS ==================
http://savannah.gnu.org/bugs/?func=detailbug&bug_id=1070&group_id=11
Changes by: Mathieu Roy <address@hidden>
Date: 2002-Sep-19 10:00 (Europe/Paris)
What | Removed | Added
---------------------------------------------------------------------------
Assigned to | loic | yeupou
Status | Open | Closed
------------------ Additional Follow-up Comments ----------------------------
I finally fixed it by myself. See /etc/apache-ssl/access.conf
I added an AllowOverride clause, to prevent for someone overriding ours rules
and executing php scripts or anything else.
=================== BUG #1070: FULL BUG SNAPSHOT ===================
Submitted by: chedong Project: Savannah
Submitted on: 2002-Aug-24 18:26
Category: Apache Severity: 7 - Major
Priority: High Bug Group: None
Resolution: Fixed Assigned to: yeupou
Status: Closed Effort: 0.00
Summary: User can run php scripts via file uploading?
Original Submission: http://freesoftware.fsf.org/download/phpman/test.php
Follow-up Comments
*******************
-------------------------------------------------------
Date: 2002-Sep-19 10:00 By: yeupou
I finally fixed it by myself. See /etc/apache-ssl/access.conf
I added an AllowOverride clause, to prevent for someone overriding ours rules
and executing php scripts or anything else.
-------------------------------------------------------
Date: 2002-Aug-24 20:12 By: yeupou
I made a dirty hack (.htaccess) to fix this.
Can someone, as Loic, very familiar with the apache-ssl configuration, fix this
directly the in the system wide configuration file?
CC list is empty
No files currently attached
For detailed info, follow this link:
http://savannah.gnu.org/bugs/?func=detailbug&bug_id=1070&group_id=11
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-dev] [Bug #1070] User can run php scripts via file uploading?,
nobody <=