Yii Framework Forum: Xtreme Football Net for XBOX360 and PS3 Madden Online Franchises - Yii Framework Forum

Jump to content

  • (2 Pages)
  • +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

Xtreme Football Net for XBOX360 and PS3 Madden Online Franchises Rate Topic: -----

#21 User is offline   pcs2112 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 79
  • Joined: 31-July 10

Posted 09 December 2010 - 03:39 PM

View Postjacmoe, on 09 December 2010 - 03:14 PM, said:

If you're planning to have someone help you, don't you think they should be able to see what they're helping out with?

About people and permissions:
There is no way people can mess with the file system, unless you have set permissions to 777.
That's simply not possible. :)

The only way it can happen is if you're using a regular un-encrypted FTP connection while working on the site.
Then malicious personage can sniff your username and password easily, and thus gain total access.
The rule is: use SFTP whenever possible.
If your host is not offering SSH access, you can't trust that the source is safe. ;)
It happened to me on Dreamhost once, and after changing all shell passwords and start using SFTP, it hasn't happened since then.


Sorry i should be more specific, what i mean is that i wanted somebody to help me with the appearance of the site and maybe implement new features besides what i already had done.

about the file browsing on my Account, let me give you an scenario:

/home/vince is my accounts home directory,
/home/vince/public_html/xtreme-madden.net is my Yii's app dir
/home/vince/EA-framework is the dir where i keep all the important stuff, like actions to display stats, parse xml, filters, etc ...

If i gave you ftp access to /home/public_html/xtreme-madden.net you could easily write a script similar to the one posted here http://shiflett.org/.../shared-hosting to get the content of the files under /home/EA-framework


http://shiflett.org/.../shared-hosting
0

#22 User is offline   jacmoe 

  • Elite Member
  • Yii
  • Group: Moderators
  • Posts: 2,601
  • Joined: 10-October 10
  • Location:Denmark

Posted 09 December 2010 - 03:52 PM

This is really going off-topic fast, but.. you *are* monitoring your file system, aren't you?
So you would know if me, or any other person, modified it, right? :)
If you just follow some simple rules, you should be safe.
"Less noise - more signal"
0

#23 User is offline   pcs2112 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 79
  • Joined: 31-July 10

Posted 09 December 2010 - 03:57 PM

View Postjacmoe, on 09 December 2010 - 03:52 PM, said:

This is really going off-topic fast, but.. you *are* monitoring your file system, aren't you?
So you would know if me, or any other person, modified it, right? :)
If you just follow some simple rules, you should be safe.


Yeah you're right haha ... i do monitor the filesystem i was just worried of somebody stealing the code and making a profict out of my code without my concent. The demand for this type of software i think is huge, i already have over 900 users in exactly 1 month.
0

#24 User is offline   Mike 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 3,016
  • Joined: 06-October 08
  • Location:Upper Palatinate

Posted 10 December 2010 - 03:25 AM

View Postpcs2112, on 09 December 2010 - 01:02 PM, said:

Sorry for not being very technical but here is an article that references what i meant in my post (focus on the "Browsing with PHP" section). http://shiflett.org/.../shared-hosting


Also check out the open_basedir configuration directive in PHP. Maybe you can build some restrictions with it.
0

Share this topic:


  • (2 Pages)
  • +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users