Re: [Full-Disclosure] VERY HIGH VULNERABILITY DISCLOSURE !!! MASS ROOT POSSIBLE !!! PLEASE BE ATTENTIVE !!!

From: Rudolf Polzer (divzero_at_gmail.com)
Date: 07/03/04

  • Next message: joe: "RE: [Full-Disclosure] Name One Web Site Compromised by Download.Ject?" 
    To: Maarten <fulldisc@ultratux.org>
Date: Sat, 3 Jul 2004 18:18:59 +0200

    On Sat, 3 Jul 2004 12:56:50 +0200, Maarten <fulldisc@ultratux.org> wrote:
    > Indeed. But the fact that many READMEs of php code still say something like
    > "Sadly, there is a bug in <distribution foobar> in the php.ini file. Set
    > register_globals to ON, otherwise this software will not function."
    > That they even dare calling it a "bug" is beyond arrogance.

    IMHO it will be nice if one could override some php.ini settings on a
    per-script basis. For example at parsing time using a comment like

    <?php5
    #[smartquotes=on register_globals=off]
    ?>

    of course not all settings should be able to be overridden...

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: joe: "RE: [Full-Disclosure] Name One Web Site Compromised by Download.Ject?"

    Relevant Pages

    • Re: Domain Password Policy
      ... override this at a lower level unless you plan on logging onto the machines ... I have a client that claims that their password settings are controlled by their Active Directory Group Policy settings and that they cannot override the settings for certain individual accounts. ... My understanding was the GP settings could be overriden based on individual user account properties, but before I start making claims to the client, I'd like to know that it is right. ...
      (microsoft.public.windows.server.active_directory)
    • Re: Exchange 2003 Message size configuration
      ... Per-User configuration for override globally defined ... Per-User configuration for (Receiving Size Limit) takes precedence over ... globally defined settings. ... Per-User and Global configurations for do NOT override ...
      (microsoft.public.exchange.admin)
    • Re: Exchange 2003 Message size configuration
      ... the best way to do it would be using ADUC and specifying the increased limit ... This will override any settings specified Globally. ... You have your understanding of effective settings backwards. ... something at the user then you are overriding both Global and Virtual SMTP ...
      (microsoft.public.exchange.admin)
    • Re: Exchange 2003 Message size configuration
      ... > the best way to do it would be using ADUC and specifying the increased limit ... This will override any settings specified Globally. ... > something at the Virtual Server which overrides Global Settings. ...
      (microsoft.public.exchange.admin)
    • web.config in subdirectory related query
      ... "Do i have to make each subfolder VirtualDirectory?" ... Beacuse you can't override that kind of settings :-( ... out /invalid login ...
      (microsoft.public.dotnet.framework.aspnet.security)