Topic: 1.48 - about security (Read 5926 times)

natalina · « **on:** June 29, 2006, 07:30:35 am »

I did upgrade the day before & yesterday unregistered visitor upload file to public album ( in groups i didn't allow unregistered to upload files). I\m worring because that file isn't just a picture - it looks like rar archive but it's the program called PhpShell which theoretically allows to delete & move files. I suppose it didn't work (fortunately) but it shows that inspite of permissions unregistered users do have a chance to upload files(: Any ideas?

Tranz · « **Reply #1 on:** June 29, 2006, 07:36:46 am »

~~In Groups manager, is the guest/anonymous group allowed to upload?~~

Nevermind, I didn't understand what you wrote earlier. Now I do.

Joachim Müller · « **Reply #2 on:** July 04, 2006, 08:24:33 am »

Post a link to your coppermine gallery.

natalina · « **Reply #3 on:** July 04, 2006, 08:32:38 am »

Here it is: http: www.forma.spb.ru/architect_gallery/
Thanks

Joachim Müller · « **Reply #4 on:** July 04, 2006, 07:24:16 pm »

You have enabled uploads for anonymous/guest visitors. Correct this in the groups control panel, disallow uploads for guests. For further support, here's the clickable link: http://www.forma.spb.ru/architect_gallery/?lang=english

natalina · « **Reply #5 on:** July 04, 2006, 07:56:13 pm »

Oh, thanks:)

News:

Author Topic: 1.48 - about security (Read 5926 times)

natalina

1.48 - about security

Tranz

Re: 1.48 - about security

Joachim Müller

Re: 1.48 - about security

natalina

Re: 1.48 - about security

Joachim Müller

Re: 1.48 - about security

natalina

Re: 1.48 - about security