In article <4164207.BzBX0qeeSI@xxxxxxxxxxxxxxx>, Roy Schestowitz wrote:
> http://forum.catalyst2.com/showthread.php?t=3271
>
> ,----[ Quote ]
>| Previously, we have allowed some sites run using a higher trust level
>| on asp.net 1.1 so they may use additional functionality in their scripts
>| that many other hosting companies do not allow. Unfortunately, a site
>| utilising this additional functionality was exploited - allowing a hacker
>| to upload a script which defaced files on one of our servers.
> `----
>
> They never had such issues with Linux/Apache, despite the fact that this dou
> runs a large proportion of the Web. It appears as though defacing of sites
> has been a .Net/Windows 'thing' for quite some time... oh, yeah! And I also
> see how those opting for Windows hosting get ripped off and get merely no
> features with the hosting package.
Do they allow Linux/Apache users to use things that are forbidden at most
other hosting companies? In particular, do they allow Linux/Apache users to
use insecure older versions of things? (And if you think there aren't any
insecure things at most Linux/Apache hosting companies, think again: some of
the most popular blog software, forum software, and webmail software has had
frequent and recent serious exploits).
Why did you snip the part about users who want these features that they no
longer can allow on asp.net 1.1 can switch to asp.net 2?
--
--Tim Smith
|
|
