Text only | Text with Images

coppermine-gallery.com/forum

Support => cpg1.4.x Support => Older/other versions => cpg1.4 upgrading => Topic started by: natalina on June 29, 2006, 07:30:35 AM

Title: 1.48 - about security
Post by: natalina on June 29, 2006, 07:30:35 AM
I did upgrade the day before & yesterday unregistered visitor upload file to public album ( in groups i didn't allow unregistered to upload files).  I\m worring because that file isn't just a picture - it looks like rar archive but it's the program called PhpShell which theoretically allows to delete & move files. I suppose it didn't work (fortunately) but it shows that inspite of permissions unregistered users do have a chance to upload files(: Any ideas?
Title: Re: 1.48 - about security
Post by: Tranz on June 29, 2006, 07:36:46 AM
In Groups manager, is the guest/anonymous group allowed to upload?

Nevermind, I didn't understand what you wrote earlier. Now I do.
Title: Re: 1.48 - about security
Post by: Joachim Müller on July 04, 2006, 08:24:33 AM
Post a link to your coppermine gallery.
Title: Re: 1.48 - about security
Post by: natalina on July 04, 2006, 08:32:38 AM
Here it is: http: www.forma.spb.ru/architect_gallery/
Thanks
Title: Re: 1.48 - about security
Post by: Joachim Müller on July 04, 2006, 07:24:16 PM
You have enabled uploads for anonymous/guest visitors. Correct this in the groups control panel, disallow uploads for guests. For further support, here's the clickable link: http://www.forma.spb.ru/architect_gallery/?lang=english
Title: Re: 1.48 - about security
Post by: natalina on July 04, 2006, 07:56:13 PM
Oh, thanks:)
Text only | Text with Images