[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Real bad bug! RAQ3

Subject: [cobalt-users] Real bad bug! RAQ3
From: Karl-Heinz <webmaster@xxxxxxxxxxxxxxxxx>
Date: Thu May 11 10:44:09 2000

Hi,

i install today on a new account the script Links 2.0, which is a type
of a "mini yahoo".

I have on the same server another installation of Links 2.0, but on
another account with a different domain.

I made the mistake an install the version from the first accoun on the
second account and forget to change one of the paths.

I setup new categories and things like this.

Than i realize, that my second installation manipulates the datebase
of the first installation.

ok, i have left  a path to the first instaletion as i wrote above, but
is is very strange, that i can write from one domain to the database
in the cgi-bin of another domain with different user and group.

i real life this means, everyone who knows the paths can grab, modify
and what ever he want on another domain.

On my server is nothing special. All changes are the cobalt updates,
nothing else. All accounts are made with the gui.

Karl

Follow-Ups:
- Re: [cobalt-users] Real bad bug! RAQ3
  - From: ADNVS

References:
- [cobalt-users] HELP! RaQ3 Problems
  - From: Liz B.
- Re: [cobalt-users] HELP! RaQ3 Problems
  - From: Dennis

Prev by Date: Re: [cobalt-users] Mass User Addition Script for RAQ3i
Next by Date: Re: [cobalt-users] Slightly Off-Topic HTTP question.
Previous by thread: Re: [cobalt-users] HELP! RaQ3 Problems
Next by thread: Re: [cobalt-users] Real bad bug! RAQ3

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index