[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] All folders visable on whole server

> > Hi,
> >
> > I just found out that it is possible for a "normal" user on a RaQ3
to
> access
> > all system directories using "AdminPro" (www.craigrichards.com).
> >
> > Also I haven´t tried out if you can read those files, I think that
it´s
> not
> > so good if a user can view the list of all domains hosted on the
RaQ, so I
> > wanted to ask you what is your opinion on that topic? Is there a
> possibility
> > to disallow that on a server?
> >
> > steve
> >
	Here is a response from the author of the tool after making a
inquiry......


	I absolutely understand the viewpoint you've shared... For
advanced programmers and administrators for use in "tricky" server
environments wherein path and file aliases and/or CGIWrap have been
incorporated, AdminPro by necessity was designed to be a very
powerful file administration and CGI debugging tool. AdminPro is the
first (and so far, only) tool that is as effective in difficult
environments as it is easy to use.

	For some server administrators, however, AdminPro has proven
too powerful and may represent to them a compromise of the security
for which they are responsible.

	That's why I released a "milder and gentler" version last
month entitled AdminFTP. With all the same point-and-click
functionality, it confines the user's access to paths and files only
within their domain. Simply, AdminFTP users cannot navigate "behind"
the domain root as they are able to do with AdminPro.

	I encourage you to check out AdminFTP by going to
http://www.CraigRichards.com/software/adminftp.html - Be sure to let
me know if this new version will effectively serve your needs while
addressing your security concerns.

	Thank you for your valuable feedback!

Virtually yours,

	Craig Richards