Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: My Web Host is Having Problems with Windows

On Sun, 16 Jul 2006 11:41:00 +0100, Roy Schestowitz wrote:

> http://forum.catalyst2.com/showthread.php?t=3271
> 
> ,----[ Quote ]
>| Previously, we have allowed some sites run using a higher trust level
>| on asp.net 1.1 so they may use additional functionality in their scripts
>| that many other hosting companies do not allow. Unfortunately, a site
>| utilising this additional functionality was exploited - allowing a hacker
>| to upload a script which defaced files on one of our servers.
> `----
> 
> They never had such issues with Linux/Apache, despite the fact that this dou
> runs a large proportion of the Web. It appears as though defacing of sites
> has been a .Net/Windows 'thing' for quite some time... oh, yeah! And I also
> see how those opting for Windows hosting get ripped off and get merely no
> features with the hosting package.

This is bull.  This is equivelent to enabling insecure features in software
like PHP.  Most hosting companies disable stuff like the posix functions,
fpassthru, file, mail, exec, system, passthru, popen, crack_check,
crack_closedict, crack_getlastmessage, crack_opendict, fsockopen,
psockopen, opendir, readdir, closedir, phpinfo, etc..

Enabling those functions is equivelent to running in full trust mode in
asp.net 1.1

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index