Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Re^5: Removing malicious HTML entities (now with more questions!)

by sasdrtx (Friar)
on Aug 16, 2008 at 15:51 UTC ( #704699=note: print w/ replies, xml ) Need Help??


in reply to Re^4: Removing malicious HTML entities (now with more questions!)
in thread Removing malicious HTML entities (now with more questions!)

That open should fail, as you're trying to go to the parent directory of the root node. And the fundamental point is, the root node for serving documents is not the file system's root node, and there's no URL that would allow access to it (assuming a non-insane configuration). So put your password file at '/etc/secret/password.txt' or any other location outside the web server's document directory structure, and it will not be accessible by browsing, even if the path and file name is known.

There is no rule that requires any file to be directly accessible by URL. What can be accessed is controlled by the server configuration.


sas


Comment on Re^5: Removing malicious HTML entities (now with more questions!)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://704699]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (6)
As of 2014-12-27 05:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (176 votes), past polls