Hi,
I have discovered security hole I think:
If I will create symlink in fileman's manage catalog, for example this way:
ln -s / link_to_root
Then root catalog will accessible via fileman and I will able to surf in all server's harddrive!
May be you have to disable symlinks processing?
Regards,
Artyom
I have discovered security hole I think:
If I will create symlink in fileman's manage catalog, for example this way:
ln -s / link_to_root
Then root catalog will accessible via fileman and I will able to surf in all server's harddrive!
May be you have to disable symlinks processing?
Regards,
Artyom