What kind of multisite security issues are their with php filter enabled?
Posted by that0n3guy on July 10, 2010 at 10:28pm
Hey all,
I am wondering what kind of hacking a person could do on a multisite environment if php filter is enabled? Can they access other sites?
If so, isn't this more than a "php filter" issue and also any cck field (since you can do php stuff in their also) is also a hazard?
If there are issues, how do you host many sites on the same aegir server for different users (who want full access to drupal) if they can potentially hack into other sites?
Sorry, thats a load... just thought about it.
-Peter
Read more