Re: PLUG site incident last night

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: keith smith
Date:  
To: Main PLUG discussion list
Subject: Re: PLUG site incident last night
I did a google search on php_flag register_globals and joomla was in the 8th position.

I tried Joomla for the first time several weeks ago. I really like what I see and hope to spend more time looking at it. At a very minimum extracts can expedite my efforts and possibly something as simple as a template change may get me where I want to go. It's a smooth application that would take a bunch of work to duplicate.

Hearing the security problems are not directly related to Joomla is great news.  I also think that the source code should be at a minimum adequate due to peer review.      


Thoughts?
Keith




Edward Norton <> wrote: On 1/1/07, keith smith <> wrote: Thanks, I'll check that out. I just read in a forum that if you put a php.ini in the home directory (I assume DocumentRoot) that PHP reads that one first.

Seems like a security risk to do so.

See http://www.go4expert.com/forums/showthread.php?t=397

could that be so?

Thanks,
Keith
It seems possible to do so, however I've never tried it myself. I'd have to agree with you on the security risk. It doesn't sound like a good idea to have the php conf in your documentroot.


---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


Keith Smith
A link from my website to yours
Submit Your Metro Phoenix Website
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com ---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss