Like i said earlier, i dont know why he needs to check the filename.
Let me explain :
There are two situations you are describing here :
1 - When the user invokes an application that executes a task on user
behalf, using data suplied by the same user.
This first situation is correctly treated b
On 16/09/12 06:08, Paul Breneman wrote:
Three minimal FPC and fpGUI distros were just updated on this page:
http://www.turbocontrol.com/easyfpgui.htm
Awesome, thanks Paul. I can see I'll have to order another RPi, or more
SD cards. :-) The Raspxbmc distro works really well as a media centr
Il 15/09/2012 23:48, Jorge Aldo G. de F. Junior ha scritto:
This is a security risk, because, if the function isnt almost perfect,
someone could end up reading the passwords file (security.sam on
windows ? whatever im not a windows programmer) or rewriting criticial
files on a system.
IOW you mea
Am 2012-09-15 23:48, schrieb Jorge Aldo G. de F. Junior:
This is a security risk, because, if the function isnt almost perfect,
someone could end up reading the passwords file (security.sam on
windows ? whatever im not a windows programmer) or rewriting criticial
files on a system.
You mean all
Jorge Aldo G. de F. Junior wrote:
I believe that you already know that, but thats why i asked if others
are considering the security risk involved in filenames.
For evidence sake look at this old IIS bug :
http://www.hackingspirits.com/eth-hac/papers/iis_uni.html
Morale : Filenames can be nas
Am 16.09.2012 07:08, schrieb Paul Breneman:
> Three minimal FPC and fpGUI distros were just updated on this page:
> http://www.turbocontrol.com/easyfpgui.htm
>
> The serial debug terminal (uses SynaSer part of Synapse) now compiles
> and the RPi works with my Gearmo USB to serial adapters (that
