Loading...
 
Development

Development


Re: Re: Worm "Santy.C" problem for TikiWiki?

posts: 2881 United Kingdom

Im not sure on a specific string to grep for.

Any modifications made by a user could well open it up, I mean there is no-way we could ever protect against changes made by the user.

A concern is the amount of places which need to be open as Apache writable. And basically all compiled Smarty templates in templates_c are basically .php files. It might be interesting to also raise this with the Smarty dudes.

Damian
http://tikihost.net

Upcoming Events

No records to display

Why Register?

Register at tiki.org and you'll be able to use the account at any *.tiki.org site, thanks to the InterTiki feature. A valid email address is required to receive site notifications and occasional newsletters. You can opt out of these items at any time.