From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from ext-proxy-1.ftel.co.uk ([192.65.220.99]) by canuck.infradead.org with esmtps (Exim 4.43 #1 (Red Hat Linux)) id 1CuEMM-0002Wq-Pn for linux-mtd@lists.infradead.org; Thu, 27 Jan 2005 13:27:17 -0500 Message-ID: <41F93275.3090705@mesias.co.uk> Date: Thu, 27 Jan 2005 18:27:01 +0000 From: Cam MIME-Version: 1.0 To: =?ISO-8859-1?Q?J=F6rn_Engel?= References: <20050126205121.11236.qmail@web52705.mail.yahoo.com> <1106775037.6955.50.camel@weaponx.rchland.ibm.com> <1106819251.783.141.camel@baythorne.infradead.org> <20050127131702.GA22121@wohnheim.fh-wedel.de> <41F9127E.6030508@mesias.co.uk> <20050127163845.GA7755@wohnheim.fh-wedel.de> In-Reply-To: <20050127163845.GA7755@wohnheim.fh-wedel.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: linux-mtd@lists.infradead.org Subject: Re: JFFS3 document / wiki [OT] List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Jörn > Various bits of information on this were spread all over the place: > o Code examples of mysql - tons of buffer overflows. > o Code examples of php - same. > o Various hacks of machines based on either php or mysql > vulnerabilities. > o Some specific problems with some wiki implementations. > > Considering that most wikis use php, mysql or both, you can pretty > much get the idea. I cannot point to specific vulnerabilities or > exploits, but the only thing stopping me from owning your wiki is my > lack of interest. Sorry but I'm not convinced. The link is interesting but there is no mention of wikis. Also, php and mysql are used widely for other purposes, if it was as bad as you say, we would be in some kind of web apocalypse, which we're not. There are other wikis too (Java based or Perl/CGI in my case). Cheers, -Cam -- camilo@mesias.co.uk <--