Re: [listfiles] anomaly

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 50123
interpreted = N
texte = In the words of homer simpson: doh!On 5/7/03 1:02 PM, Joe D'Andrea wrote:> Couldn't figure out whether to label this an exploit, bug, oversight > or what... so I settled on anomaly. > > Put this in a template: > > [listfiles] > [filename] > [/listfiles] > > And you will get a list of the files in your WebSTAR root folder. It > doesn't matter where on your server you put the template, you will > always get a list of files in the W* root. > > Clearly, there is some coder error here as I left out the required > path= parameter. But since the docs clearly say that path= is a > required parameter, shouldn't WebCat protect me from myself when I > don't include a required parameter? > > I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user > leaves out the required parameter? Do they get access to stuff they > shouldn't? > > ~joe > ----------------------------- Daniel Schutzsmith Senior Web Developer Berlin Productions, Inc. dan@berlinprod.com http://www.berlinprod.com (914) 683-5759 (914) 683-5751 fax ----------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: [listfiles] anomaly (Rob Marquardt 2003)
  2. Re: [listfiles] anomaly (Gary Krockover 2003)
  3. Re: [listfiles] anomaly (Daniel Schutzsmith 2003)
  4. [listfiles] anomaly (Joe D'Andrea 2003)
In the words of homer simpson: doh!On 5/7/03 1:02 PM, Joe D'Andrea wrote:> Couldn't figure out whether to label this an exploit, bug, oversight > or what... so I settled on anomaly. > > Put this in a template: > > [listfiles] > [filename] > [/listfiles] > > And you will get a list of the files in your WebSTAR root folder. It > doesn't matter where on your server you put the template, you will > always get a list of files in the W* root. > > Clearly, there is some coder error here as I left out the required > path= parameter. But since the docs clearly say that path= is a > required parameter, shouldn't WebCat protect me from myself when I > don't include a required parameter? > > I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user > leaves out the required parameter? Do they get access to stuff they > shouldn't? > > ~joe > ----------------------------- Daniel Schutzsmith Senior Web Developer Berlin Productions, Inc. dan@berlinprod.com http://www.berlinprod.com (914) 683-5759 (914) 683-5751 fax ----------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Daniel Schutzsmith

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

2.0 Info (1997) Thanks Grant (1997) Can I invoke an ssi plugin from within a webcat page (1997) Triggers (1999) Multiple prices (1997) problems with WebCat-Plugin () international time (1997) Sort Order on a page search (1997) PCS Frames (1997) Merging databases (1997) Post Limits (1998) japanese characters (1997) OT: Collaborative Browsing (2000) finding child records of child records of child records... with minimal code (2000) WC2b15 File Corruption (1997) Re:HELP - NONE STOP DIGESTS. Digest for 4/24/97) (1997) Stopping bad HTML propagation ? (1997) range searching (1998) [WebDNA] Virtual server (2011) Deadlock (1998)