Directory permissions
Posted: Thu Jun 04, 2009 10:44 pm
Hi,
I just realized some "readers" are accessing the plug-ins of the blog like hostname/plugin/ls-js, then they can read the code: ..i.e.
which kind of permissions do we have to apply to the directories?
Please, advise, this looks a security hole and I would like to cover it up quick before anything happens
Thanks very much
Ran
I just realized some "readers" are accessing the plug-ins of the blog like hostname/plugin/ls-js, then they can read the code: ..i.e.
Code: Select all
/*
// +----------------------------------------------------------------------+
// | Copyright (c) 2004 Bitflux GmbH |
// +----------------------------------------------------------------------+
// | Licensed under the Apache License, Version 2.0 (the "License"); |
// | you may not use this file except in compliance with the License. |
// | You may obtain a copy of the License at |
// | http://www.apache.org/licenses/LICENSE-2.0 |
// | Unless required by applicable law or agreed to in writing, software |
// | distributed under the License is distributed on an "AS IS" BASIS, |
// | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or |
// | implied. See the License for the specific language governing |
// | permissions and limitations under the License. |
// +----------------------------------------------------------------------+
// | Author: Bitflux GmbH <devel@bitflux.ch> |
// +----------------------------------------------------------------------+
*/
var liveSearchReq = false;
var t = null;
var liveSearchLast = "";
var isIE = false;
Please, advise, this looks a security hole and I would like to cover it up quick before anything happens
Thanks very much
Ran