One application for multiple sites, maintainability vs security
#11

[eluser]mvdg27[/eluser]
Hi Guys,

Sorry for my late response .. I've been on holidays for a week :) ..

Anyway, Randy, could you elaborate a bit on this:

"per-user/per-execution base-dir restrictions to prevent the problems I mentioned above" ..

What exactly do you mean by this?

@Bramme: "I guess you could scan for php and text files, read them into a variable and scan that variable for possible malicious code." -> that's a nice idea .. but how to define malicious code, then? It seems like a hell of a task to come up with possible hacks .. especially for someone with no experience at all, in the hacking-business ;)

Thanks! Michiel
#12

[eluser]Bramme[/eluser]
Well, as Randy said, you could simply restrict the use of any functions that read/manipulate directories and files, stuff like glob, fopen, fwrite, fread, mkdir, unlink etc...
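
The scan discussed in the two posts above, sketched as an added example that is not part of the thread or any poster's code: it tokenizes user-supplied PHP with `token_get_all()` and reports calls to the functions listed in the post, plus dynamic calls whose target a static scan cannot see. The name `scanSource()` and the sample input are hypothetical and constructed for illustration.

```php
<?php
// Added example, not code from the thread. The function list is the one named in the post.
const FLAGGED = ['glob', 'fopen', 'fwrite', 'fread', 'mkdir', 'unlink'];

// Returns one finding per suspicious call site in the given PHP source.
// Method calls with the same names are also reported (accepted false positives).
function scanSource(string $source): array
{
    $hits = [];
    $tokens = token_get_all($source);
    $count = count($tokens);
    for ($i = 0; $i < $count; $i++) {
        $tok = $tokens[$i];
        if (!is_array($tok)) {
            continue;
        }
        // Find the next non-whitespace token; a call needs '(' there.
        $j = $i + 1;
        while ($j < $count && is_array($tokens[$j]) && $tokens[$j][0] === T_WHITESPACE) {
            $j++;
        }
        if ($j >= $count || $tokens[$j] !== '(') {
            continue;
        }
        $type = token_name($tok[0]);
        $name = strtolower(ltrim($tok[1], '\\'));
        if (in_array($type, ['T_STRING', 'T_NAME_FULLY_QUALIFIED'], true)
            && in_array($name, FLAGGED, true)) {
            $hits[] = ['line' => $tok[2], 'finding' => "call to $name()"];
        } elseif ($type === 'T_VARIABLE') {
            // $f(...) hides the function name from a static scan.
            $hits[] = ['line' => $tok[2], 'finding' => "dynamic call via {$tok[1]}"];
        }
    }
    return $hits;
}

// Constructed sample standing in for an uploaded file.
$sample = <<<'PHP'
<?php
// fopen( inside a comment is not a call and is not reported
$h = fopen('data.txt', 'r');
$f = 'unl' . 'ink';
$f('data.txt');
PHP;

foreach (scanSource($sample) as $hit) {
    printf("line %d: %s\n", $hit['line'], $hit['finding']);
}
```

The string-built call in the sample is only caught as a generic dynamic call, which is the difficulty raised in post #11: a scan like this helps with review, while restricting the functions at runtime is what actually blocks them.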
#13

[eluser]Randy Casburn[/eluser]
Sure -- user base-dir restrictions - they were designed to help with situations like yours. If it's set up properly it should aid you, not hinder you.

Randy



