
security precautions on REGISTER_GLOBALS

In PHP 4.4, what is the most secure server configuration while keeping
REGISTER_GLOBALS on?

Jan 26 '07 #1
>In PHP 4.4, what is the most secure server configuration while keeping
>REGISTER_GLOBALS on?
Completely disconnected from the network?
Powered off?
Jan 26 '07 #2
Rik
On Fri, 26 Jan 2007 01:54:27 +0100, Gordon Burditt
<go***********@burditt.org> wrote:
>> In PHP 4.4, what is the most secure server configuration while keeping
>> REGISTER_GLOBALS on?
>
> Completely disconnected from the network?
> Powered off?

Damn, I was going to say "disallow the use of all functions", but indeed,
powered off seems safest. Less fire hazard, and no wear and tear on the
hardware as added bonus...
--
Rik Wasmus
Jan 26 '07 #3
On Jan 25, 5:05 pm, Rik <luiheidsgoe...@hotmail.com> wrote:
> On Fri, 26 Jan 2007 01:54:27 +0100, Gordon Burditt
> <gordonb.zi...@burditt.org> wrote:
>>> In PHP 4.4, what is the most secure server configuration while keeping
>>> REGISTER_GLOBALS on?
>> Completely disconnected from the network?
>> Powered off?Damn, I was going to say "disallow the use of all functions", but indeed,
> powered off seems safest. Less firehazard, and no wear and tear on the
> hardware as added bonus...
> --
> Rik Wasmus

And to think I was thinking of the user verification scheme: require
every client to be personally interviewed by you, and then tell them
that there's probably buggy behavior.

Maybe too much work, though.

--
Curtis

Jan 26 '07 #4
Rik
On Fri, 26 Jan 2007 13:03:09 +0100, Curtis <dy****@gmail.com> wrote:
>> Powered off?Damn, I was going to say "disallow the use of all
>> functions", but indeed,

Hmmz, I see this weird behaviour often lately, pushing the line of a reply
back on the last line of a quote. Is this a new Google Groups 'feature',
or has it something to do with my experimenting with other newsclients?

--
Rik Wasmus
Jan 26 '07 #5


On Jan 25, 5:54 pm, gordonb.zi...@burditt.org (Gordon Burditt) wrote:
>> In PHP 4.4, what is the most secure server configuration while keeping
>> REGISTER_GLOBALS on?Completely disconnected from the network?
> Powered off?

lol

Ok, what's the least vulnerable usable configuration with
REGISTER_GLOBALS on?

A more specific question is with the server at its least vulnerable
configuration, is it possible to gain read/write access to the server
file system through poorly coded PHP using REGISTER_GLOBALS?

Jan 27 '07 #6
Dave wrote:
> On Jan 25, 5:54 pm, gordonb.zi...@burditt.org (Gordon Burditt) wrote:
>>> In PHP 4.4, what is the most secure server configuration while keeping
>>> REGISTER_GLOBALS on?Completely disconnected from the network?
>> Powered off?
>
> lol
>
> Ok, what's the least vulnerable usable configuration with
> REGISTER_GLOBALS on?

There is none.

> A more specific question is with the server at its least vulnerable
> configuration, is it possible to gain read/write access to the server
> file system through poorly coded PHP using REGISTER_GLOBALS?

It's possible to do anything with poorly written PHP code.

If your hosting company is running with it on, it's time to find another
hosting company.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Jan 27 '07 #7
On Jan 26, 4:11 am, Rik <luiheidsgoe...@hotmail.com> wrote:
> Hmmz, I see this weird behaviour often lately, pushing the line of a reply
> back on the last line of a quote. Is this a new Google Groups 'feature',
> or has it something to do with my experimenting with other newsclients?
>
> --
> Rik Wasmus

Yeah, this is something that's off with Google Groups. I try to fix it
manually when I catch it. I think I should start using Thunderbird, or
maybe I'll just google around for some good news clients. Are there
any you are particularly fond of?

> On Jan 25, 5:54 pm, gordonb.zi...@burditt.org (Gordon Burditt) wrote:
>>> In PHP 4.4, what is the most secure server configuration while keeping
>>> REGISTER_GLOBALS on?Completely disconnected from the network?
>> Powered off?
> lol
> Ok, what's the least vulnerable usable configuration with
> REGISTER_GLOBALS on?
> A more specific question is with the server at its least vulnerable
> configuration, is it possible to gain read/write access to the server
> file system through poorly coded PHP using REGISTER_GLOBALS?

I'd have to agree with Jerry, it's not worth running any application
that needs to be run securely, while register_globals is on. If your
host has PHP installed as an Apache module, you could try altering the
ini register_globals setting from .htaccess.

--
Curtis

Jan 28 '07 #8
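
Added example, not part of any post in this thread: with PHP as an Apache module, the .htaccess change suggested above is the `php_flag register_globals off` directive. The PHP below is a guard for hosts where that is not possible; the function name `undo_register_globals` is hypothetical, and the script assumes it is included before any other application code.

```php
<?php
// Added example. With PHP as an Apache module, .htaccess can carry:
//     php_flag register_globals off
// register_globals cannot be changed with ini_set() at runtime, so a script
// that must run on a host with it enabled strips the injected globals instead.

// Hypothetical helper name; include this before any other application code.
function undo_register_globals()
{
    $flag = strtolower((string) ini_get('register_globals'));
    if ($flag === '' || $flag === '0' || $flag === 'off') {
        return 0; // setting is already off, nothing to undo
    }

    // A request must never be allowed to supply a variable named GLOBALS.
    if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) {
        exit('GLOBALS overwrite attempt rejected');
    }

    // Names that must survive, and the arrays PHP copied into global scope.
    $protected = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST',
                       '_SERVER', '_ENV', '_FILES', '_SESSION');
    $sources = array($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES);
    if (isset($_SESSION) && is_array($_SESSION)) {
        $sources[] = $_SESSION;
    }

    $removed = 0;
    foreach ($sources as $source) {
        foreach (array_keys($source) as $name) {
            if (!in_array($name, $protected, true)
                && array_key_exists($name, $GLOBALS)) {
                unset($GLOBALS[$name]); // drop the request-supplied global
                $removed++;
            }
        }
    }
    return $removed;
}

undo_register_globals();

// Every variable the script later trusts is then initialised explicitly,
// so its value never depends on what the request contained.
$is_admin = false;
```

Request data remains available through `$_GET`, `$_POST` and `$_COOKIE` after the guard runs; only the copies placed in global scope are removed.
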
Rik
Curtis <dy****@gmail.com> wrote:
> On Jan 26, 4:11 am, Rik <luiheidsgoe...@hotmail.com> wrote:
>> Hmmz, I see this weird behaviour often lately, pushing the line of a
>> reply
>> back on the last line of a quote. Is this a new Google Groups 'feature',
>> or has it something to do with my experimenting with other newsclients?
>
> Yeah, this is something that's off with Google Groups. I try to fix it
> manually when I catch it. I think I should start using Thunderbird, or
> maybe I'll just google around for some good news clients. Are there
> any you are particularly fond of?

I've used Outlook Express (with OE-Quotefix) for a very long time, but it
simply will not do. I'm testing other readers right now, currently I'm
using Opera, and I'd say, it was already my favourite browser, now it's my
favourite newsreader too :-).

XNews seems to be very good also, I've yet to test it, there seems to be
some steep learning curve involved.
--
Rik Wasmus
Jan 28 '07 #9
On Jan 26, 2:11 pm, Rik <luiheidsgoe...@hotmail.com> wrote:
> Hmmz, I see this weird behaviour often lately, pushing the line of a reply
> back on the last line of a quote. Is this a new Google Groups 'feature'

Yep, and here are some other Google Groups "features":

http://groups.google.com/group/Is-Something-Broken/msg/
a62f60b19d75b8e9

Here's the TinyURL version of the above URL as the above URL probably
gets broken:

http://tinyurl.com/3ygr2v

Jan 28 '07 #10
On Jan 28, 5:03 am, Rik <luiheidsgoe...@hotmail.com> wrote:
> Curtis <dye...@gmail.com> wrote:
>> On Jan 26, 4:11 am, Rik <luiheidsgoe...@hotmail.com> wrote:
>>> Hmmz, I see this weird behaviour often lately, pushing the line of a
>>> reply
>>> back on the last line of a quote. Is this a new Google Groups 'feature',
>>> or has it something to do with my experimenting with other newsclients?
>> Yeah, this is something that's off with Google Groups. I try to fix it
>> manually when I catch it. I think I should start using Thunderbird, or
>> maybe I'll just google around for some good news clients. Are there
>> any you are particularly fond of?
>
> I've used Outlook Express (with OE-Quotefix) for a very long time, but it
> simply will not do. I'm testing other readers right now, currently I'm
> using Opera, and I'd say, it was already my favourite browser, now it's my
> favourite newsreader too :-).
>
> XNews seems to be very good also, I've yet to test it, there seems to be
> some steep learning curve involved.
> --
> Rik Wasmus

Thanks for your suggestions. I use Opera for web browsing sometimes,
but I must have forgotten it has newsreader capabilities. Thanks for
that.

Another thing that's irritating about Google Groups is that it
defaults to topposting. I haven't really hunted around for settings,
but it doesn't seem like you can change this.

Thanks for the helpful link, Tomi..

--
Curtis

Jan 30 '07 #11
Curtis wrote:
> Another thing that's irritating about Google Groups is that it
> defaults to topposting. I haven't really hunted around for settings,
> but it doesn't seem like you can change this.

It doesn't really default to anything - except quoting the
original text. It's just that when you start out, your cursor
is at the top of the quoted material.

From there you can either review and edit the quoted material
(which you should do anyway)

If you don't want to review the quoted material, hit Ctl-End to
go directly to the bottom and begin typing.
Jan 30 '07 #12
On Tue, 30 Jan 2007 14:05:14 -0800, Sanders Kaufman <bu***@kaufman.net>
wrote:
> Curtis wrote:
>> Another thing that's irritating about Google Groups is that it defaults
>> to topposting. I haven't really hunted around for settings, but it
>> doesn't seem like you can change this.
>
> It doesn't really default to anything - except quoting the original
> text. It's just that when you start out, your cursor is at the top of
> the quoted material.
>
> From there you can either review and edit the quoted material (which
> you should do anyway)
>
> If you don't want to review the quoted material, hit Ctl-End to go
> directly to the bottom and begin typing.

Yeah, I know, it isn't that big of a deal, but I'm not even using google
groups anymore. The previous point made about the latest quoted portion
being pushed onto the same line as its quoted post is actually annoying
though.

--
Curtis, http://dyersweb.com
Feb 1 '07 #13
