would be really silly if....
http://www.php.net/source.php?url=/index.php
----- Original Message -----
From: "Tim Taubert" <[EMAIL PROTECTED]>
To: "PHP Mailingliste" <[EMAIL PROTECTED]>
Sent: Wednesday, July 04, 2001 5:27 PM
Subject: RE: [PHP] Security of PHP code
> found 2 other servers having the same problem... mailed to the webmasters
and admins instead of
> posting it.. now i feel a little bit better :)
>
> Tim Taubert
>
> ---------------------------------------------------------------------
> Tim Taubert | [EMAIL PROTECTED] | http://www.shogunat.com/rg/
> ---------------------------------------------------------------------
>
> .o] -----Original Message-----
> .o] From: Tim Taubert [mailto:[EMAIL PROTECTED]]
> .o] Sent: Wednesday, July 04, 2001 5:16 PM
> .o] To: PHP Mailingliste
> .o] Subject: RE: [PHP] Security of PHP code
> .o]
> .o]
> .o] mh i know it was the wrong decision. didn't think about it. already
said that. feeling
> .o] guilty now
> .o] *argh*
> .o]
> .o] Tim Taubert
> .o]
> .o] ---------------------------------------------------------------------
> .o] Tim Taubert | [EMAIL PROTECTED] | http://www.shogunat.com/rg/
> .o] ---------------------------------------------------------------------
> .o]
> .o] .o] -----Original Message-----
> .o] .o] From: PHPBeginner.com [mailto:[EMAIL PROTECTED]]
> .o] .o] Sent: Wednesday, July 04, 2001 5:17 PM
> .o] .o] To: [EMAIL PROTECTED]; PHP Mailingliste
> .o] .o] Subject: RE: [PHP] Security of PHP code
> .o] .o]
> .o] .o]
> .o] .o] Just for the respect of the community, Tim, you shouldn't have
posted that.
> .o] .o] Poor them, they are under the risks, of course the things will be
probably
> .o] .o] fixed, but if someone cares he might be already in the machine
just for the
> .o] .o] sake of it.
> .o] .o]
> .o] .o] -maxim maletsky
> .o] .o]
> .o] .o]
> .o] .o] -----Original Message-----
> .o] .o] From: Tim Taubert [mailto:[EMAIL PROTECTED]]
> .o] .o] Sent: Thursday, July 05, 2001 12:09 AM
> .o] .o] To: PHP Mailingliste
> .o] .o] Subject: RE: [PHP] Security of PHP code
> .o] .o]
> .o] .o]
> .o] .o] oh thanks for the disclaimer ;) forgot it..
> .o] .o]
> .o] .o] richard: didn't think about it.. but should have done it.. first
and last
> .o] .o] time i did it *promised*
> .o] .o] :)
> .o] .o]
> .o] .o] Tim Taubert
> .o] .o]
> .o]
.o] ---------------------------------------------------------------------
> .o] .o] Tim Taubert | [EMAIL PROTECTED] | http://www.shogunat.com/rg/
> .o]
.o] ---------------------------------------------------------------------
> .o] .o]
> .o] .o] .o] -----Original Message-----
> .o] .o] .o] From: PHPBeginner.com [mailto:[EMAIL PROTECTED]]
> .o] .o] .o] Sent: Wednesday, July 04, 2001 5:09 PM
> .o] .o] .o] To: [EMAIL PROTECTED]; PHP Mailingliste
> .o] .o] .o] Subject: RE: [PHP] Security of PHP code
> .o] .o] .o]
> .o] .o] .o]
> .o] .o] .o] Yup, I believe you - that's not your site.
> .o] .o] .o]
> .o] .o] .o] That is what I meant: It is no PHP, it is how you use PHP.
> .o] .o] .o]
> .o] .o] .o] DISCLAIMER:
> .o] .o] .o] No one's fault (except the programmer) that there was THAT BIG
security
> .o] .o] hole
> .o] .o] .o] on the site.
> .o] .o] .o]
> .o] .o] .o] -maxim maletsky
> .o] .o] .o]
> .o] .o] .o]
> .o] .o] .o]
> .o] .o] .o]
> .o] .o] .o] -----Original Message-----
> .o] .o] .o] From: Tim Taubert [mailto:[EMAIL PROTECTED]]
> .o] .o] .o] Sent: Wednesday, July 04, 2001 11:58 PM
> .o] .o] .o] To: PHP Mailingliste
> .o] .o] .o] Subject: RE: [PHP] Security of PHP code
> .o] .o] .o]
> .o] .o] .o]
> .o] .o] .o] you're totally right.. look at this
> .o] .o] .o]
> .o] .o] .o]
> .o] .o] ************************censored**********************************
> .o] .o] .o]
> .o] .o] .o] *no comment* and not my site...
> .o] .o] .o]
> .o] .o] .o] Tim Taubert
> .o] .o] .o]
> .o] .o]
.o] ---------------------------------------------------------------------
> .o] .o] .o] Tim Taubert | [EMAIL PROTECTED] |
http://www.shogunat.com/rg/
> .o] .o]
.o] ---------------------------------------------------------------------
> .o] .o] .o]
> .o] .o] .o] .o] -----Original Message-----
> .o] .o] .o] .o] From: PHPBeginner.com [mailto:[EMAIL PROTECTED]]
> .o] .o] .o] .o] Sent: Wednesday, July 04, 2001 4:09 PM
> .o] .o] .o] .o] To: [EMAIL PROTECTED]; php-general
> .o] .o] .o] .o] Subject: RE: [PHP] Security of PHP code
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o] SECURE, SECURE.
> .o] .o] .o] .o]
> .o] .o] .o] .o] It is not how secure PHP is, it is how well YOU protect
it.
> .o] .o] .o] .o] For example = make this line show_source($file); then go
to
> .o] .o] .o] .o] your page like
> .o] .o] .o] .o] file.php?file=/etc/passwd and you're freaked!
> .o] .o] .o] .o]
> .o] .o] .o] .o] There is a whole bunch of way to hack your pages if not
protected
> .o] .o] well
> .o] .o] .o] .o] enough, but PHP itself has no vital security problems.
> .o] .o] .o] .o]
> .o] .o] .o] .o] Try to search the archives for this topic and see what
people
> .o] .o] .o] .o] think/suggest.
> .o] .o] .o] .o] You will find there thousands of tips on what to do to
have a
> .o] .o] .o] .o] bullet-proof
> .o] .o] .o] .o] website. (always of the server is yours).
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o] Sincerely,
> .o] .o] .o] .o]
> .o] .o] .o] .o] Maxim Maletsky
> .o] .o] .o] .o] Founder, Chief Developer
> .o] .o] .o] .o]
> .o] .o] .o] .o] PHPBeginner.com (Where PHP Begins)
> .o] .o] .o] .o] [EMAIL PROTECTED]
> .o] .o] .o] .o] www.phpbeginner.com
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o] -----Original Message-----
> .o] .o] .o] .o] From: David A Dickson [mailto:[EMAIL PROTECTED]]
> .o] .o] .o] .o] Sent: Wednesday, July 04, 2001 10:43 PM
> .o] .o] .o] .o] To: php-general
> .o] .o] .o] .o] Subject: [PHP] Security of PHP code
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o] Is it possible for others to view the php code for pages I
have
> .o] .o] .o] .o] written? I
> .o] .o] .o] .o] thought I heard someone say before that they could write a
> .o] .o] .o] .o] simple script to
> .o] .o] .o] .o] accomplish this. If anyone knows of any tacticts people
might
> .o] .o] .o] .o] use to attack
> .o] .o] .o] .o] my code please post them hee.
> .o] .o] .o] .o]
> .o] .o] .o] .o] : David A. Dickson
> .o] .o] .o] .o] : [EMAIL PROTECTED]
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o] Get 250 color business cards for FREE!
> .o] .o] .o] .o] http://businesscards.lycos.com/vp/fastpath/
> .o] .o] .o] .o]
> .o] .o] .o] .o] --
> .o] .o] .o] .o] PHP General Mailing List (http://www.php.net/)
> .o] .o] .o] .o] To unsubscribe, e-mail:
[EMAIL PROTECTED]
> .o] .o] .o] .o] For additional commands, e-mail:
[EMAIL PROTECTED]
> .o] .o] .o] .o] To contact the list administrators, e-mail:
> .o] .o] [EMAIL PROTECTED]
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o]
> .o] .o] .o] .o] --
> .o] .o] .o] .o] PHP General Mailing List (http://www.php.net/)
> .o] .o] .o] .o] To unsubscribe, e-mail:
[EMAIL PROTECTED]
> .o] .o] .o] .o] For additional commands, e-mail:
[EMAIL PROTECTED]
> .o] .o] .o] .o] To contact the list administrators, e-mail:
> .o] .o] [EMAIL PROTECTED]
> .o] .o] .o] .o]
> .o] .o] .o]
> .o] .o] .o]
> .o] .o] .o] --
> .o] .o] .o] PHP General Mailing List (http://www.php.net/)
> .o] .o] .o] To unsubscribe, e-mail: [EMAIL PROTECTED]
> .o] .o] .o] For additional commands, e-mail:
[EMAIL PROTECTED]
> .o] .o] .o] To contact the list administrators, e-mail:
[EMAIL PROTECTED]
> .o] .o] .o]
> .o] .o] .o]
> .o] .o]
> .o] .o]
> .o] .o] --
> .o] .o] PHP General Mailing List (http://www.php.net/)
> .o] .o] To unsubscribe, e-mail: [EMAIL PROTECTED]
> .o] .o] For additional commands, e-mail: [EMAIL PROTECTED]
> .o] .o] To contact the list administrators, e-mail:
[EMAIL PROTECTED]
> .o] .o]
> .o] .o]
> .o]
> .o]
> .o] --
> .o] PHP General Mailing List (http://www.php.net/)
> .o] To unsubscribe, e-mail: [EMAIL PROTECTED]
> .o] For additional commands, e-mail: [EMAIL PROTECTED]
> .o] To contact the list administrators, e-mail:
[EMAIL PROTECTED]
> .o]
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
