***
lk******@geocities.com escribió/wrote (22 Jan 2005 16:11:38 -0800):
Suppose I let users login into my control panel and upload files. They
could upload PHP or Python or Perl scripts and take over the web
server. If the PHP code that handles the uploads automatically chmods
them to 666, the files can not be executed. Does that make them safe?
Automatically making files word-writeable is a rather peculiar security
system... :-?
About the 'executable' bit, PHP scripts are normally not executable, they
need to be processed through an interpreter. I suppose you could accomplish
it hacking with the Linux kernel, but that's not the usual case.
--
-+ Álvaro G. Vicario - Burgos, Spain
+-
http://www.demogracia.com (la web de humor barnizada para la intemperie)
++ Las dudas informáticas recibidas por correo irán directas a la papelera
-+ I'm not a free help desk, please don't e-mail me your questions
--