CodeIgniter Forums

Full Version: One application for multiple sites, maintainability vs security
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

El Forum

[eluser]mvdg27[/eluser]
Hi Guys,

Sorry for my late response .. I've been on holidays for a week Smile ..

Anyway, Randy, could you elaborate a bit on this:

"per-user/per-execution base-dir restrictions to prevent the problems I mentioned above" ..

What exactly do you mean by this?

@Bramme: "I guess you could scan for php and text files, read them into a variable and scan that variable for possible malicious code." -> that's a nice idea .. but how to define malicious code, then? It seems like a hell of a task to come up with possible hacks .. especially for someone with no experience at all, in the hacking-business Wink

Thanks! Michiel

El Forum

[eluser]Bramme[/eluser]
Well, as Randy said, you could simply restrict the use of any functions that read/manipulate directories and files, stuff like glob, fopen, fwrite, fread, mkdir, unlink etc...

El Forum

[eluser]Randy Casburn[/eluser]
Sure -- user base-dir restrictions - they were designed to help with situations like yours. If it's set up properly it should aid you, not hinder you.

Randy
Pages: 1 2