Would the designers consider supporting register_globals = Off? I'd love to run cacti, but having it on is too much of a security hole for our servers.
Justin
support for register_globals = Off
Moderators: Developers, Moderators
I know, if only I had known this way back when
Anyhow since this is sort of an "overhaul feature", it will have to wait until 0.8. Don't worry though, so far I have not used any global variables when working with 0.8. All it will take is a little testing at the end, and everyone should be happy (and secure ).
-Ian
Anyhow since this is sort of an "overhaul feature", it will have to wait until 0.8. Don't worry though, so far I have not used any global variables when working with 0.8. All it will take is a little testing at the end, and everyone should be happy (and secure ).
-Ian
Re: support for register_globals = Off
until .8 (or whenever globals off supported) devote its own apache add an additional http auth password to the entire cacti site and run it over ssl, so you only have to worry about YOUR users attempting php hacks.JustinHoMi wrote:Would the designers consider supporting register_globals = Off? I'd love to run cacti, but having it on is too much of a security hole for our servers.
Justin
Who is online
Users browsing this forum: No registered users and 1 guest