On Wed, 8 Mar 2006, Ross Werner wrote:
What kind of "frightening security breaches" are we talking here, out of
curiousity? I mean, let's say (hypothetically speaking) I was running a phpBB
on remote hosting on a computer I didn't even have shell access to (I don't
even think it's set up to allow PHP to run commands), and I do nightly
backups of the phpBB data. Do I have anything at all to worry about?
~ Ross
The breaches I was referring to were the ones that other people replying
to this thread were mentioning. I am not quite sure I understand the
scenario you presented. Most web servers are run on "remote" machines, if
by remote you mean that you are not sitting at the actual machine. The
most recent big security bug can be read about here:
http://news.netcraft.com/archives/2005/12/22/exploit_targets_new_phpbb_security_hole.html
At the time that came out there was a lot of hoopla about how buggy and
unsecure phpBB is. Of course the phpBB dev team quickly had a fix and
life went on. No system is perfect. Most people probably know more about
phpBB bugs because of how well known phpBB is.
I hope this helps. Your mileage may vary, of course.
Jonathan
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
