QUOTE(Yoshi da Sniper @ Jul 19 2005, 12:16 PM)
FTP is a no no. It poses MANY security risks, which is why it is out of the question.
Care to list them?
QUOTE(isolatedpurity @ Jul 20 2005, 03:02 AM)
Care to list them?
If you allow users to have full access to an FTP directory - it's done. PHP is far more destructive than you think. You can run shell commands and find out passwords with it.
Even when you log in as anonymous, there's always a way. You NEVER let anyone have access to FTP who shouldn't. It's far too risky.
I don't even know how to do that.
Besides... don't allow uploads... and allow deletes. Security risk downgraded from minimal to none.
I bet you could also configure cpanel to not allow any direct http requests to certain folders.
Don't trust it. There are ways to bring your permissions up and so on.
No, I don't know how. But it's one of the key things about maintaining websites: don't give server access where it isn't required. There are vulnerabilities coming out every day with stuff like this.
You say "no one's going to spend the countless days trying to do it", but I have a saying, "there's always a 16 year old kid in Sweden who will".
I see your point, Yoshi. Now I see that there is a very high security risk out there with FTP access. One day there may be someone coming across the site who knows how to get higher permission in the FTP and just deletes everything that everyone loved and everyone worked on.
I was just looking at the melee regular maps section and just could NOT believe what I was seeing....
Estrella.... gaia.... U-boat, Gamea Gowon... All in the REGULAR map section when other not-pro maps are in the pro section....
Many of those recently submitted maps were all pro maps. Estrella and Gaia were even used in the WCG.
I don't distinguish between Regular and Pro anymore. The categories should be collapsed; I just approve melee maps for whatever category they're submitted under.
QUOTE(isolatedpurity @ Jul 20 2005, 12:30 PM)
I don't even know how to do that.
Besides... don't allow uploads... and allow deletes. Security risk downgraded from minimal to none.
I bet you could also configure cpanel to not allow any direct http requests to certain folders.
I already tried reasoning with him. I used to have FTP access to it.
I think we can trust the current dldb team to not post l/p to their ftp to the world.
Besides... you were thinking of letting season on the admin team to help code and I, and most likely you too, have no idea who he is.
What the? Season? Admin? lol.. Course I had barely heard of IP before he became admin and he turned out great..