[wp-hackers] Forum Post
Robert Deaton
false.hopes at gmail.com
Mon May 23 20:21:42 GMT 2005
BTW, as far as exploits on the 1.5 codebase, there was one, an SQL
Injection vunerability in wp-trackback.php. Although not easily
exploitable, it still exist(ed). I don't remember if this got fixed or
not, but I do remember seeing it on the gentoo bug tracker
On 5/23/05, Ryan Duff <ryan at ryanduff.net> wrote:
> Scott Merrill wrote:
> > Kimmo Suominen wrote:
> >
> >>Provided "Override Options" is allowed in .htaccess -- if not, you get
> >>a server error. A blank "index.html" or "index.php" is assuming that
> >>one or the other is included in DirectoryIndex ("index.html" is the
> >>default, so I guess that would be a better choice than "index.php").
> >
> >
> > Since WordPress itself relies on index.php being a functional
> > DirectoryIndex, we can safely assume that blank index.php files will
> > function correctly inside our sub-directories. This is an easy thing to
> > do to calm some reactionary folks.
> >
> > Better still, perhaps, to make these subordinate index.php files
> > redirect to the main blog page.
>
> Sounds like quick fix for a silly problem. What was all the hype about :P
>
> --
> Ryan Duff
> http://ryanduff.net
> AIM: ryancduff
> irc.freenode.net #wordpress
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
--
--Robert Deaton
http://somethingunpredictable.com
More information about the wp-hackers
mailing list