| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: NT4 security updates |
From: Randall Parker Why wouldn't the perl script run under your own context? If the script files are in some shared directory and everyone has read/execute access to the directory the scripts can run in their own context. Geo. wrote: > Lets say I setup a website for you on the server, what user context does a > perl script from your website run in? IUSER right? With that permission > level you now have access to every other website on the server, so you can > get into areas you have no business getting into (like the adult website > hosted next to you). You also have the capability to use server bandwidth > and cpu for something other than serving web pages. For example you could > easily write a ping flooder or a web spider using perl and then you've got a > DS3 worth of bandwidth to play with. > > Geo. > > --- BBBS/NT v4.01 Flag-5* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 270 @PATH: 379/45 1 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.