full ack.
Am 07-01-2013 00:56, schrieb Reindl Harald:
Am 06.01.2013 23:51, schrieb Geert Wirken:
On 01/06/2013 06:55 PM, Reindl Harald wrote:
then it is a bug
includes have to make sure that they are NEVER called diretly
especially if they are throwing errors which may lead to a DOS
attack by filling the filesystem with logs and if someone as good
reportings the mailserver too
We're talking about a script in the /installation/ directory which
should be removed after installing Roundcube, which makes the
probability of a successful DoS attack significantly smaller...
a bug is a bug
you can hope everbody removes /installation/ or make
it secure by design - what do you think is the better
choice?
most users of any software still have no knowledge at all
this was always so and will not change in the near future
_______________________________________________
Roundcube Development discussion mailing list
[email protected]
http://lists.roundcube.net/mailman/listinfo/dev
_______________________________________________
Roundcube Development discussion mailing list
[email protected]
http://lists.roundcube.net/mailman/listinfo/dev
