[TYPO3-core] RFC #8802: Fileadmin: extensions of new files
Steffen Gebert
steffen at steffen-gebert.de
Thu Aug 20 18:41:54 CEST 2009
On Thu, 20 Aug 2009 14:17:21 +0200, Michael Stucki <michael at typo3.org>
wrote:
> .inc files normally cannot be executed directly but .php files can. This
> means, you are unable to write and execute a backdoor using a .inc file.
I read tipps that you should configure your PHP interpreter to parse .inc
files because otherwise sb. might be able to read your code using HTTP (if
he nows the file name).
Don't know, if anybody configures his server this way, but I assume there
are some.
Steffen
More information about the TYPO3-team-core
mailing list