[thelist] Able to get to other users on server folders
Denis, David
DDenis at inlumen.com
Wed May 16 11:50:57 CDT 2001
> FTP or SSH/Telnet...? I've seen it with both before, but
> it's more common withthe latter, I think...maybe just my own
> experience.
Exactly. Assuming their public_html is world readable, which it is, then
any files in there that are world readable, which they probably are
(especially if they were simply uploaded with an FTP client like CuteFTP)
will be readable. Now if they specific users are smart, they would change
their permissions on their /home/user directory. You can't change the
ability to read from public_html, that's kind of the whole point. But users
shouldn't be sensitive files in there, only files associated with their web
page. A troubling thing would be if you can access their CGIs where they
may have hard coded passwords.
Dave
> On Wed, 16 May 2001 12:33:05 -0400
> "Gina K. Anderson" <gina at sitediva.com> wrote:
>
> :
> :I'm on a shared server, and I can't get into the whole user
> directory on my
> :server from a "directory up" arrow or command, it just shows
> my own root, not
> :the entire server's user folders. I haven't been able to do
> that on free
> :webhosting sites.
> :
> :Gina
> :
> --
>
>
>
> Darrell
>
>
> The Web Center, Inc.
> http://webctr.com
> admin at webctr.com
> 1/877.349.3230 | 1/716.349.3230
>
> CGI Programming | Web Development | Database Programming
>
> ---------------------------------------
> For unsubscribe and other options, including
> the Tip Harvester and archive of TheList go to:
> http://lists.evolt.org Workers of the Web, evolt !
>
More information about the thelist
mailing list