If users doesn't have shell access to the server, he can read any file what is accessable by httpd user.
Click Filters->Incoming and put:
from-file /etc/passwd ok
then click "Save". Then You can see this file in "Lists".
I'm using "no-su" mode.
Solution: Chroot environment or change tmda-cgi that it can read only files in user .tmda directory.
Best Regards Maciej Bogucki
_________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
