Batch Add Batch Add
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Batch Add

Started by rtenny, May 30, 2005, 06:26:17 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Print
Go Down Pages1
User actions

rtenny

May 30, 2005, 06:26:17 PM Last Edit: June 03, 2005, 06:59:33 AM by GauGau
Why can only admin use the batch add feature?? The manual just states "for securitz reason". I have my own dedicated server and only familiy members can use ist. I don't want to make them all "administrators". Is there another way?

Tranz

#1
May 30, 2005, 06:28:56 PM
mmm... if you don't understand the security implications, maybe you should not be maintaining your own server...

rtenny

#2
June 03, 2005, 01:11:49 AM
Quote from: TranzNDance on May 30, 2005, 06:28:56 PM
mmm... if you don't understand the security implications, maybe you should not be maintaining your own server...

this really help, thanks. >:(

already reprogrammed the code so no need to answer.

Tranz

#3
June 03, 2005, 05:56:29 AM
??? I thought I was helping. Maybe it wasn't very obvious... but it's like when someone says they have trouble seeing, and I'd suggest maybe they shouldn't drive... It's not something they want to hear but it's for their own good.

Joachim Müller

#4
June 03, 2005, 07:02:26 AM
chaning the coppermine code to allow everyone to batch-add is easy, but means that you have to allow users to ftp-upload, which is a huge security risk. Given just the url of your pgae any script kiddie can easily take over or break your site in one minute. This is why you shouldn't do that. It should be obvious that non-admins don't have ftp access. This is the reason why Thu suggested not to do what you're doing.
Print
Go Up Pages1
User actions