PLUG site incident last night
keith smith
klsmith2020 at yahoo.com
Mon Jan 1 18:50:22 MST 2007
I did a google search on php_flag register_globals and joomla was in the 8th position.
I tried Joomla for the first time several weeks ago. I really like what I see and hope to spend more time looking at it. At a very minimum extracts can expedite my efforts and possibly something as simple as a template change may get me where I want to go. It's a smooth application that would take a bunch of work to duplicate.
Hearing the security problems are not directly related to Joomla is great news. I also think that the source code should be at a minimum adequate due to peer review.
Thoughts?
Keith
Edward Norton <r00t3d at gmail.com> wrote: On 1/1/07, keith smith <klsmith2020 at yahoo.com> wrote: Thanks, I'll check that out. I just read in a forum that if you put a php.ini in the home directory (I assume DocumentRoot) that PHP reads that one first.
Seems like a security risk to do so.
See http://www.go4expert.com/forums/showthread.php?t=397
could that be so?
Thanks,
Keith
It seems possible to do so, however I've never tried it myself. I'd have to agree with you on the security risk. It doesn't sound like a good idea to have the php conf in your documentroot.
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Keith Smith
A link from my website to yours
Submit Your Metro Phoenix Website
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20070101/fc134a8e/attachment.htm
More information about the PLUG-discuss
mailing list