jdd wrote:
Le 13/12/2016 à 19:56, Per Jessen a écrit :
Even when it's only an unprivileged account, it's still worrying. I guess you don't which account it is?
I stupidly neglected to look at the (evil) file owner, but I know what account it is, for sure
I'm not the only one that have the problem (search for "piwigo cialis").
aha, I see. So the weakness is clearly in the gallery software. I googled "piwigo vulnerabilities", quite a few interesting hits.
the piwigo dev that works on it said that he think its a ftp problem.
TBH, that sounds like a lame excuse for "I don't know, but surely it isn't me". ftp is easy to set up so it is safe to use and any setup would be separate from piwigo anyway. if this is an ongoing problem, apparmor could probably help you. -- Per Jessen, Zürich (0.8°C) http://www.dns24.ch/ - your free DNS host, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org