[TYPO3-core] RFC #9474: Integrate OpenID authentication support to TYPO3
Xavier Perseguers
typo3 at perseguers.ch
Mon Oct 6 11:29:34 CEST 2008
Hi!
>> then this is not our problem if he acts this irresponsibly, after all
>> we can't cover all cases (especially not the user created stupid ones).
>
> It is not about acting irresponsibly. Lots of problems exists on Windows
> platform that allow to create such files remotely through exploits.
> Administrator can be completely unaware of it.
>
> This was the case for "Admin" (AKA "Nimda") virus several years ago.
> Even NTFS permissions did not always help. You remove the virus and it
> appears again within seconds. It is just impossible to fight it.
>
> Therefore I think such check is good. It costs nothing (comparing
> constant to a constant string) but provides better security.
I agree 100% with you.
--
Xavier Perseguers
http://xavier.perseguers.ch/en/tutorials/typo3.html
More information about the TYPO3-team-core
mailing list