[horde] Two questions: menu.php and test.php

Eric Rostetter eric.rostetter at physics.utexas.edu
Tue Jul 15 19:36:35 PDT 2003


Quoting Chuck Hagenbuch <chuck at horde.org>:

> Quoting "Kevin M. Myer" <kevin_myer at iu13.org>:
> 
> > Second issue relates to the various test.php files that are included with
> the
> > various components.  While there are strong warnings in the documentation
> to
> > remove or otherwise disable access to these files after you're done using
> > them, I'd much prefer to see a "secure-by-default" approach taken, where
> >
> Any workable suggestions for how to do this would be welcome. Authentication
> isn't one of them, I don't think...

One silly idea is to have it check at the time of an admin login and report
if the test files are executable, giving some kind of warning to the admin
that they should disable them if they no longer need them...

But this would only work in HEAD where we have an admin login...  Not sure
how you could do something similar in RELENG.

> -chuck

-- 
Eric Rostetter
The Department of Physics
The University of Texas at Austin
 
Why get even? Get odd!



More information about the horde mailing list