Drupal Security Alert - File Uploads

Results 1 to 1 of 1

This is a discussion on Drupal Security Alert - File Uploads in the Shared & Semi-Dedicated forum
If you are running Drupal, and allow file uploads, make sure that you have the file uploads being handled by Drupal. You want: "Download method: ...

LinkBack
- LinkBack URL
- About LinkBacks
- Bookmark & Share
- Digg this Thread!
- Add Thread to del.icio.us
- Bookmark in Technorati
- Tweet this thread
Thread Tools
- Show Printable Version
- Subscribe to this Thread…
Display
- Linear Mode
- Switch to Hybrid Mode
- Switch to Threaded Mode

12-11-2006, 08:52 PM #1
akreider2

Loyal Client

Join Date

Jan 2005

Posts

159
Drupal Security Alert - File Uploads

If you are running Drupal, and allow file uploads, make sure that you have the file uploads being handled by Drupal.

You want:
"Download method:
Private - files are transferred by Drupal."

Otherwise you have a massive gaping security hole in your site.

Aaron
Share

Share this post on

Digg

Del.icio.us

Technorati

Twitter
Reply With Quote