Oh, yes, if you're really paranoid, you could try out something like
img_auth.php (
http://www.mediawiki.org/wiki/Manual:Image_Authorisation). I
think that article is more for limiting viewing privileges, but img_auth
could probably be used for what you asked about.
On 4/22/07, Emufarmers Sangly <emufarmers(a)gmail.com> wrote:
You could try some of the stuff on the talk page (
http://meta.wikimedia.org/wiki/Talk:Documentation:Security#Download_Securit… like
what you want), but, ultimately, I would just be careful with
the allowed file extensions: You don't want untrusted users being able to
upload PHP files! Also, see if you can avoid giving world and group write
permissions on the upload directory.
On 4/22/07, Eric K <ek79501(a)yahoo.com> wrote:
I'm reading this:
http://meta.wikimedia.org/wiki/Documentation:Security#Upload_security
I still want to make the system as safe as possible so that a hacker
can never upload anything malicious and run it. Our server was compromised
but that was through someone who was using an unsafe CMS.
Is there anything like, setting the Uploads directory to a directory
that is outside the WWW root, so even if a hacker uploads a scipt, he cant
run it using the browser, because its not accessible?
And also I guess we should set the permissions of that directory to be
non-executable, but writebable by all?
thanks
Eric
---------------------------------
Ahhh...imagining that irresistible "new car" smell?
Check outnew cars at Yahoo! Autos.
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
--
Emufarmers Sangly
Pirate, Cowboy,
Hellraiser
--
Emufarmers Sangly
Pirate, Cowboy,
Hellraiser