[Wylug-discuss] 777 access on an images directory
Mike Goodman
mike.goodman at zen.co.uk
Fri Oct 12 16:20:30 BST 2007
Hi, Folks,
This is pertinent to a conversation in the pub after Monday's meeting.
It was regarding whether there is a potential security hole, nay, gaping
chasm, in one of our favourite FOSS e-commerce applications. The problem
is uploading images via ftp to a directory with permissions set at 777
and whether this would allow a malefactor to upload and implement
executable files. (Are you watching, Phil?) ;-)
I have subsequently come across this thread on Bytemark's discussion
forum: https://forum.bytemark.co.uk/viewtopic.php?id=57 and would like
to hear whether you folk think it as safe as the final contributor there
indicates?
I know you don't have to be a member to access the forum so you should
be able to view it OK.
Best,
Mike
More information about the Wylug-discuss
mailing list