(RADIATOR) security with radwho.cgi
Utku Er
erutku at netone.net.tr
Thu Oct 31 08:21:53 CST 2002
Hi,
I was using RADIATOR radwho CGI scripts for a long time. Some time ago I log into my machine and see my database ip, port, database username and database password in the /tmp/xxx file in a world readable format... I see that radwho.cgi within the radiator package creates this file.
Maybe this isn't a big security thread but maybe some people see this file and wonder what it is.
I create scripts in my internal machines and get session table directly from the database.
Utku.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20021031/cdc846b3/attachment.html>
More information about the radiator
mailing list