Re: Re: Worm "Santy.C" problem for TikiWiki?

posts: 2881 United Kingdom

Im not sure on a specific string to grep for.

Any modifications made by a user could well open it up, I mean there is no-way we could ever protect against changes made by the user.

A concern is the amount of places which need to be open as Apache writable. And basically all compiled Smarty templates in templates_c are basically .php files. It might be interesting to also raise this with the Smarty dudes.


Upcoming Events

No records to display

Why Register?

Register at tiki.org and you'll be able to use the account at any *.tiki.org site, thanks to the InterTiki feature. A valid email address is required to receive site notifications and occasional newsletters. You can opt out of these items at any time.