[pmwiki-users] OpenOffice.org file uploads
Robin Sheat
robin at kallisti.net.nz
Mon Nov 13 18:12:24 CST 2006
On Tuesday 14 November 2006 12:56, Algis Kabaila wrote:
> server (how else would one run "Mailman"?), IMHO security based on file
> extensions is very weak indeed - almost meaningless. Why? Python will run
> "scripts" (programs) without any extensions of their name. This is a
> problem for security, is it not?
I'd expect not. While Python (and Perl, and PHP) can run files without a
particular extension, when part of a website, it's Apache that decides who
gets to run it. And typically (as I understand it), it gives it to PHP if
it's a .php file, Perl if it's a .pl file, and so on. It's not executed as
you would from the command line, where it goes through the Linux program
loader which works it out based on the first line, but instead it is based on
extension.
> OldAl in sweltering Canberra Down-Under. Hi Robin, neighbour!
Don't say sweltering :) I'm going to be in Canberra in January (after
Linux.conf.au), coming from Dunedin. Currently it's 12 degrees, and we've had
9mm of rain today. I think it'll be hard to adjust...
Robin.
More information about the pmwiki-users
mailing list