The root security issue has been addressed in JRUN 4
-D
- Original Message -
From: "David Spacey" <[EMAIL PROTECTED]>
To: "JRun-Talk" <[EMAIL PROTECTED]>
Sent: Monday, January 13, 2003 7:03 AM
Subject: JSP security issues
> Hi All,
>
> I ac
> Firstly, our site specification requires a file upload
> section. I've just confirmed that it's possible to upload
> a JSP file, and have its code interpreted by Jrun. Not
> good at all. 8-( My preferred fix is to have the uploads
> go into their own directory, which Jrun is configured
> *
Hi All,
I act as administrator on a Redhat 7.1 system running Jrun 3.1 with the
Sun JRE. I've spotted some security issues, which I could use some
advice on.
Firstly, our site specification requires a file upload section. I've
just confirmed that it's possible to upload a JSP file, and have
