Re: Security Issue

This WebDNA talk-list message is from

1999


It keeps the original formatting.
numero = 23665
interpreted = N
texte = At 17:23 Uhr -0800 12.02.99, Donovan Rittenbach wrote: >Say I know I'm on a mac server running web catalog. Say I know >applescript. What happens if I set up an applescript along the lines of >tell finder place all folders on desktop in trash. empty trash. What >happens? Is this a security risk to be concerned about?AppleScript itself is a security risk, Perl is a risk too. Don't run such a program or configure everything you can to make your server as secure as possible. WebCatalog is a risk with some context's, I do not want to describe that here. But consider, that anybody who wants to do some harm to your server needs access to your server and is most likely your client. And if he starts an attack he might kill the server, has no more access and you have enough time to find out where the attack came from... And don't forget - life itself is a risk either :) Peter++++++++++++++++++++++++++++++++++++++++++++++++ Peter Ostry - Vienna/Austria - www.ostry.com Fon ++43-1-877 74 54 Fax ++43-1-877 74 54-21 ++++++++++++++++++++++++++++++++++++++++++++++++ Associated Messages, from the most recent to the oldest:

    
  1. Re: Security Issue (WebDNA Support 2000)
  2. Re: Security Issue (Kenneth Grome 2000)
  3. Security Issue (steve@countyinfonet.com (Stephen Russo) 2000)
  4. Re: Security Issue (Peter Ostry 1999)
  5. Re: Security Issue (Kenneth Grome 1999)
  6. Re: Security Issue (Bob Minor 1999)
  7. Security Issue (Donovan Rittenbach 1999)
  8. Re: Security Issue (Olin 1997)
  9. Security Issue (Bob Minor 1997)
  10. Security Issues and WebCommerce Solution (Grant Hulbert 1997)
At 17:23 Uhr -0800 12.02.99, Donovan Rittenbach wrote: >Say I know I'm on a mac server running web catalog. Say I know >applescript. What happens if I set up an applescript along the lines of >tell finder place all folders on desktop in trash. empty trash. What >happens? Is this a security risk to be concerned about?AppleScript itself is a security risk, Perl is a risk too. Don't run such a program or configure everything you can to make your server as secure as possible. WebCatalog is a risk with some context's, I do not want to describe that here. But consider, that anybody who wants to do some harm to your server needs access to your server and is most likely your client. And if he starts an attack he might kill the server, has no more access and you have enough time to find out where the attack came from... And don't forget - life itself is a risk either :) Peter++++++++++++++++++++++++++++++++++++++++++++++++ Peter Ostry - Vienna/Austria - www.ostry.com Fon ++43-1-877 74 54 Fax ++43-1-877 74 54-21 ++++++++++++++++++++++++++++++++++++++++++++++++ Peter Ostry

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

RE: Template Not Found (1998) AIM & SIM Issue (2003) calculating tax rates, mail order solutions and version 2 (1997) WebCat2b14MacPlugIn - [include] doesn't hide the search string (1997) OT Weird Messenger Service message (2002) Upgrade to WebCat2 from Commerce Lite (1997) EIMS Problems (1997) insert graphic in email (2000) in string ??? (2001) New public beta available (1997) Extended [ConvertChars] (1997) question: Eudora 3.1.1 (1997) wierd [cart] action! (1997) WebCat3.04/w*4/OS8.5.1 and aliases (1999) multi-paragraph fields (1997) [WebDNA] Daily tasks without triggers (2011) New WebCatalog Version !!! (1997) NewCart+Search with one click ? (1997) Introduction/Tutorial/QuickStart (1997) Calendar using WebCatalog? (1997)