PEAK XOOPS - Re: New hack that is using XFSection

Top > XOOPS Modules >Protector >New hack that is using XFSection

Re: New hack that is using XFSection

List posts in the topic

Re: New hack that is using XFSection

msg# 1.1.1

depth:: 2

Previous post - Next post | Parent - Children.1 | Posted on 2007/6/12 19:02 | Last modified

Xooby

Posts: 15

Hi GIJOE,

You're right. Protector does report "turn allow_url_fopen off". I'm dealing with this with the hosters.

Do you have a list of modules that allow this 'crack'

Could Protector do a sanity check on installed modules? That would be a neat idea to implement if it were possible.

Quote from my hoster
"Many scripts rely on allow_url_fopen the first one that springs to mind is RSS feeds. These will no longer work if allow_url_fopen(); is disabled without some interesting use of the curl function (which again has its own security risks for shared customers and insecure scripts)."

Regards
Ashley

Votes:1 Average:10.00

Posts tree

New hack that is using XFSection (Xooby, 2007/6/8 21:13)
- Re: New hack that is using XFSection (GIJOE, 2007/6/9 4:49)
  - Re: New hack that is using XFSection (Xooby, 2007/6/12 19:02)
    - Re: New hack that is using XFSection (GIJOE, 2007/6/14 4:19)
      - Re: New hack that is using XFSection (Xooby, 2007/7/7 15:19)
        
        Re: New hack that is using XFSection (gigamaster, 2007/7/8 3:42)
        
        Re: New hack that is using XFSection (Xooby, 2007/7/10 1:17)
        
        Why Xoops and modules code are always full of security holes (gigamaster, 2007/7/11 4:13)
        
        Re: Why Xoops and modules code are always full of security holes (GIJOE, 2007/7/12 5:33)

Lost Password?

Register now!