Mailinglisten-Archive |
This is a multi-part message in MIME format.
------=_NextPart_000_0020_01C24192.161D12F0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hallo User der Liste,
=20
Ich habe ein Rechte Problem auf meinem Server. Wenn ich die Zugangsdaten
f=FCr die MySQL Datenbank f=FCr die Connection in einem PHP File stehen
habe, dann kann man mit Zugriff auf die Shell ohne weiteres die Datei
auslesen, wenn man weiss wo diese im Verzeichnisbaum liegt. Leider muss
man auch Files die man included Rechte f=FCr "read" geben, somit kann
jeder User auf dem System diese Files einsehen.
=20
Hat einer von euch ne L=F6sung, wie ich diese Datei mit dem Passwort
sch=FCtze?
=20
Danke,
Michael
=20
=20
------=_NextPart_000_0020_01C24192.161D12F0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<meta name=3DProgId content=3DWord.Document>
<meta name=3DGenerator content=3D"Microsoft Word 10">
<meta name=3DOriginator content=3D"Microsoft Word 10">
<link rel=3DFile-List href=3D"cid:filelist.xml_(at)_01C24192.15B52960">
<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:DoNotRelyOnCSS/>
</o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:SpellingState>Clean</w:SpellingState>
<w:GrammarState>Clean</w:GrammarState>
<w:DocumentKind>DocumentEmail</w:DocumentKind>
<w:HyphenationZone>21</w:HyphenationZone>
<w:EnvelopeVis/>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
</w:Compatibility>
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
</w:WordDocument>
</xml><![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-parent:"";
margin:0cm;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-fareast-font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;
text-underline:single;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;
text-underline:single;}
span.EmailFormatvorlage17
{mso-style-type:personal-compose;
mso-style-noshow:yes;
mso-ansi-font-size:10.0pt;
mso-bidi-font-size:10.0pt;
font-family:Arial;
mso-ascii-font-family:Arial;
mso-hansi-font-family:Arial;
mso-bidi-font-family:Arial;
color:windowtext;}
span.SpellE
{mso-style-name:"";
mso-spl-e:yes;}
_(at)_page Section1
{size:595.3pt 841.9pt;
margin:70.85pt 70.85pt 2.0cm 70.85pt;
mso-header-margin:35.4pt;
mso-footer-margin:35.4pt;
mso-paper-source:0;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 10]>
<style>
/* Style Definitions */=20
table.MsoNormalTable
{mso-style-name:"Normale Tabelle";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin:0cm;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman";}
</style>
<![endif]-->
</head>
<body lang=3DDE link=3Dblue vlink=3Dpurple =
style=3D'tab-interval:35.4pt'>
<div class=3DSection1>
<p class=3DMsoNormal style=3D'mso-layout-grid-align:none'><font size=3D2
face=3D"Courier New"><span =
style=3D'font-size:10.0pt;font-family:"Courier New"'>Hallo
User der Liste,<o:p></o:p></span></font></p>
<p class=3DMsoNormal style=3D'mso-layout-grid-align:none'><font size=3D2
face=3D"Courier New"><span =
style=3D'font-size:10.0pt;font-family:"Courier =
New"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal style=3D'mso-layout-grid-align:none'><font size=3D2
face=3D"Courier New"><span =
style=3D'font-size:10.0pt;font-family:"Courier New"'>Ich
habe ein Rechte Problem auf meinem Server. Wenn ich die Zugangsdaten =
f=FCr die <span
class=3DSpellE>MySQL</span> Datenbank f=FCr die <span =
class=3DSpellE>Connection</span>
in einem PHP File stehen habe, dann kann man mit Zugriff auf die Shell =
ohne
weiteres die Datei auslesen, wenn man <span class=3DSpellE>weiss</span> =
wo diese
im Verzeichnisbaum liegt. Leider muss man auch Files die man <span
class=3DSpellE>included</span> Rechte f=FCr "<span =
class=3DSpellE>read</span>"
geben, somit kann jeder User auf dem System diese Files =
einsehen.<o:p></o:p></span></font></p>
<p class=3DMsoNormal style=3D'mso-layout-grid-align:none'><font size=3D2
face=3D"Courier New"><span =
style=3D'font-size:10.0pt;font-family:"Courier =
New"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal style=3D'mso-layout-grid-align:none'><font size=3D2
face=3D"Courier New"><span =
style=3D'font-size:10.0pt;font-family:"Courier New"'>Hat
einer von euch ne L=F6sung, wie ich diese Datei mit dem Passwort =
sch=FCtze?<o:p></o:p></span></font></p>
<p class=3DMsoNormal style=3D'mso-layout-grid-align:none'><font size=3D2
face=3D"Courier New"><span =
style=3D'font-size:10.0pt;font-family:"Courier =
New"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal style=3D'mso-layout-grid-align:none'><font size=3D2
face=3D"Courier New"><span =
style=3D'font-size:10.0pt;font-family:"Courier =
New"'>Danke,<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3D"Courier New"><span =
style=3D'font-size:10.0pt;
font-family:"Courier New"'>Michael</span></font><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'><o:p></o:p></span></font></p=
>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
</div>
</body>
</html>
------=_NextPart_000_0020_01C24192.161D12F0--
---
Infos zur Mailingliste, zur Teilnahme und zum An- und Abmelden unter
-->> http://www.4t2.com/mysql
php::bar PHP Wiki - Listenarchive