Re: PROBLEMS WITH PROTECT TAG

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 58569
interpreted = N
texte = Is the group "admin" a loosly used group that the clients have access to? Generally, admin would be a 'master group' that could access any stores as needed by the developer/web host should it be included in the protect tag. The group "courtesy" would then be the client's personal group and they should only have access via that account. "Admin" would grant access to the WebDNA settings (control panel) as well, so you don't want anyone to have that user/pass except for the person running the server. GK At 03:06 PM 6/23/2004, you wrote: >Hello. I sure hope someone can help. We've been using WebDNA for some time >now and a former programmer has left our systems in a compromised situation. > >Our clients are able to log into other client's web sites using user names >and passwords from different groups. > >Example. > >Client A has a protect that includes their group and an admin group. >[protect courtesy admin] > >For some reason, another user from another group is able to log into the >site mentioned above, despite the fact their user name is not in that >group. What have we done here and is there a place where I could look to >uncover this issue? > >Thanks ahead of time... > >David Cate >New Media Director >The GoTriCities Network- http://www.gotricities.net ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: PROBLEMS WITH PROTECT TAG ( "Dan Strong" 2004)
  2. Re: PROBLEMS WITH PROTECT TAG ( "Sal D'Anna" 2004)
  3. Re: PROBLEMS WITH PROTECT TAG ( Donovan Brooke 2004)
  4. Re: PROBLEMS WITH PROTECT TAG ( "Dan Strong" 2004)
  5. Re: PROBLEMS WITH PROTECT TAG ( Donovan Brooke 2004)
  6. Re: PROBLEMS WITH PROTECT TAG ( devaulw@onebox.com 2004)
  7. Re: PROBLEMS WITH PROTECT TAG ( Gary Krockover 2004)
  8. Re: PROBLEMS WITH PROTECT TAG ( Donovan Brooke 2004)
  9. Re: PROBLEMS WITH PROTECT TAG ( David Cate 2004)
  10. Re: PROBLEMS WITH PROTECT TAG ( Gary Krockover 2004)
  11. Re: PROBLEMS WITH PROTECT TAG ( Donovan Brooke 2004)
  12. PROBLEMS WITH PROTECT TAG ( David Cate 2004)
Is the group "admin" a loosly used group that the clients have access to? Generally, admin would be a 'master group' that could access any stores as needed by the developer/web host should it be included in the protect tag. The group "courtesy" would then be the client's personal group and they should only have access via that account. "Admin" would grant access to the WebDNA settings (control panel) as well, so you don't want anyone to have that user/pass except for the person running the server. GK At 03:06 PM 6/23/2004, you wrote: >Hello. I sure hope someone can help. We've been using WebDNA for some time >now and a former programmer has left our systems in a compromised situation. > >Our clients are able to log into other client's web sites using user names >and passwords from different groups. > >Example. > >Client A has a protect that includes their group and an admin group. >[protect courtesy admin] > >For some reason, another user from another group is able to log into the >site mentioned above, despite the fact their user name is not in that >group. What have we done here and is there a place where I could look to >uncover this issue? > >Thanks ahead of time... > >David Cate >New Media Director >The GoTriCities Network- http://www.gotricities.net ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Gary Krockover

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Re:Searching for ALL / empty form field (1997) [WebDNA] OS X mail server (2009) WebMerchant and PCAuthorize (1998) [WebDNA] variable name limit - answer (2009) Displaying raw values (1998) sandboxes with 6.0 (2004) [ShowNext] feature in 2.0 (1997) HELP WITH DATES (1997) Quit revisited (1997) Searching/sorting dates (1997) (1997) listing [text] variables? (1999) Emailer setup (1997) How can I record purchases to a database? (1998) Re:no [search] with NT (1997) 2nd WebCatalog2 Feature Request (1996) OR-searching (2000) [returnraw] (2005) price on detail, but not shoppingcart (1997) What's wrong with this replace? (2002)