/[docman2]/doc/admin.html
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Diff of /doc/admin.html

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1.5 by dpavlin, Sun Jul 28 11:40:08 2002 UTC revision 1.6 by dpavlin, Sun Jul 28 11:48:30 2002 UTC
# Line 12  read that, right?</i>) Line 12  read that, right?</i>)
12  <a href="upgrade.html">Upgrade from v1.x</a>  <a href="upgrade.html">Upgrade from v1.x</a>
13  <li><a href="new_directory_layout.html">New Directory Layout</a> and how that increase security  <li><a href="new_directory_layout.html">New Directory Layout</a> and how that increase security
14  <li><a href="performance.html">Performance tips</a>  <li><a href="performance.html">Performance tips</a>
15    <li><a href="trustee.html">Trustee</a> documentation (ACL)
16  </ol>  </ol>
17    
18  <h2>Errors</h2>  <h2>Errors</h2>
# Line 111  which are local to that repository. Usua Line 112  which are local to that repository. Usua
112  using <a href="#path_realm">script path</a> as realm identifier.  using <a href="#path_realm">script path</a> as realm identifier.
113    
114  <a name="security">  <a name="security">
115  <h2>Overview of security fetures</h2>  <h2>Overview of security features</h2>
116    
117  <ul>  <ul>
118  <li>authorisation using login and password  <li>authorization using login and password
119  <li>works without <A href="#register_globals">register_globals</a> in PHP.  <li>works without <A href="#register_globals">register_globals</a> in PHP.
120  <li>all directory names taken from URL will be checked for parent directory  <li>all directory names taken from URL will be checked for parent directory
121  strings (<tt>..</tt>)  strings (<tt>..</tt>)
122  <li>all upload filenames are check for directory specification (if they  <li>all upload filenames are check for directory specification (if they
123  contain slash (<tt>/</tt>) upload will be aborted)  contain slash (<tt>/</tt>) upload will be aborted)
124  <li>all filenames taken from URL will be checked for parent directory (<tt>..</tt>) or slashes (<tt>/</tt>)  <li>all filenames taken from URL will be checked for parent directory (<tt>..</tt>) or slashes (<tt>/</tt>)
125  <li>all files are serverd from repository directory (which is not visible by web server) by <tt>docman.php</tt> script which enforces permission checking  <li>all files are served from repository directory (which is not visible by web server) by <tt>docman.php</tt> script which enforces permission checking
126    <li><a href="trustee.html">trustees</a> can be used to provide fine-graded
127    security permissions on files and directories
128  </ul>  </ul>
Legend:
Removed from v.1.5  
changed lines
  Added in v.1.6
  ViewVC Help
Powered by ViewVC 1.1.26