[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] All folders visable on whole server
- Subject: Re: [cobalt-users] All folders visable on whole server
- From: "Stephan P. Muecke" <smuecke@xxxxxxxxxxxxx>
- Date: Fri Dec 8 13:24:40 2000
- Organization: net:impaqt
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> That's why I released a "milder and gentler" version last
> month entitled AdminFTP. With all the same point-and-click
> functionality, it confines the user's access to paths and files only
> within their domain. Simply, AdminFTP users cannot navigate "behind"
> the domain root as they are able to do with AdminPro.
>
> I encourage you to check out AdminFTP by going to
> http://www.CraigRichards.com/software/adminftp.html - Be sure to let
> me know if this new version will effectively serve your needs while
> addressing your security concerns.
That´s fine that you have released a "milder" version of the script, but the
thing is - at least in my opinion - that if someone wants to hack your
server or do what whatever he wants with it, then he will take the more
powerful script. I guess it´s no problem for a professional hacker to write
such a script, but right now _everybody_ - even with hardly any experience -
can download your tool and use it. No knowledge neccessary.
So why do you then offer both versions on your website? Do you think someone
will download the light version on its own if the hardcore version has
increadible features?
I would encourage you to remove your AdminPro from your website until we
have found a possibility to block these functions of the script.
steve