Re: [Gnump3d-users] Security Hole found in gnump3d

gnump3d-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnump3d-users] Security Hole found in gnump3d

From:	Craig Meyer
Subject:	Re: [Gnump3d-users] Security Hole found in gnump3d
Date:	Sat, 1 Dec 2007 23:17:22 -0500

Hello,

    I removed the problem (for theme Tabular) by editing /usr/share/gnump3d/Tabular/error.html (or check your theme_directory in /etc/gnump3d/gnump3d.conf)

I merely removed the section which displays the header

<ul id="tabmenu">
<li><a href=""><li><a href="" by Tag</a></li>
<li><a href="" Playlist</a></li>
<li><a href="" Selection</a></li>
<li><a href="" Directory</a></li>
<li><a href=""
<li><a href=""><li><a href=""><li><a href=""
</ul>

So, these links are not displayed after an error.

Also, I edited gnump3d

Right after line: 1057
            #
            # Make sure the user is authorized to view this
            # plugin.
            #
            # Don't do this if password protection is disabled.
            #
            my $pass = &getConfig( "enable_password_protection", 0 ); # <= line 1057
            $pass = 1; # hardcode always check password
            if ( $pass )
            {
                &testDirectoryAccess( "/", $data );
            }

Hope this helps,
Craig

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Gnump3d-users] Security Hole found in gnump3d, Craig Meyer <=

Next by Date: [Gnump3d-users] Too many files???
Next by thread: [Gnump3d-users] Too many files???
Index(es):
- Date
- Thread