PhpDig.net - View Single Post

Charter · 02-28-2004, 03:21 PM

Hi. Let's assume that the server is secure and no files on your account have vulnerabilities. With these assumptions, there could be a remote possibility that a user on a shared account could access another account on the same machine, but this would depend on setup. The 777 permission of the includes directory is for using install.php, but once done, the directory can be 755 permission and install.php can be removed. The documentation refers to if you should happen to crawl a link like http://username:password@www.domain.com which would pass the userame and password in plain text.

02-28-2004, 03:21 PM	#2
Charter Head Mole Join Date: May 2003 Posts: 2,539	Hi. Let's assume that the server is secure and no files on your account have vulnerabilities. With these assumptions, there could be a remote possibility that a user on a shared account could access another account on the same machine, but this would depend on setup. The 777 permission of the includes directory is for using install.php, but once done, the directory can be 755 permission and install.php can be removed. The documentation refers to if you should happen to crawl a link like http://username:password@www.domain.com which would pass the userame and password in plain text. __________________ Responses are offered on a voluntary if/as time is available basis, no guarantees. Double posting or bumping threads will not get your question answered any faster. No support via PM or email, responses not guaranteed. Thank you for your comprehension.