Path: csiph.com!usenet.pasdenom.info!weretis.net!feeder1.news.weretis.net!feeder4.news.weretis.net!feeds.phibee-telecom.net!newsfeed.xs4all.nl!newsfeed1.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.053 X-Spam-Evidence: '*H*': 0.91; '*S*': 0.01; 'charset:iso-8859-7': 0.04; 'subject:into': 0.09; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'sat,': 0.16; 'wrote:': 0.18; 'pass': 0.26; 'values': 0.27; 'header:In-Reply-To:1': 0.27; 'message- id:@mail.gmail.com': 0.30; 'subject:Database': 0.31; 'received:google.com': 0.35; 'nov': 0.38; 'security,': 0.38; 'to:addr:python-list': 0.38; 'pm,': 0.38; 'legitimate': 0.39; 'to:addr:python.org': 0.39; 'locked': 0.84; '2013': 0.98 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=ZwyKsmwA40rTtug8eVHb6UQx0XQYXfNf3JY5pC6sp9U=; b=Q+YedyIdhWumSTeFronSDjRZ2Qkpi40VOJtmSbQdb9ut5RVPHtC7e49iaYBpkeEs6h cxsCXSWkM2wEKeOQXInQwY8doz4paXoPLukiiv8nJTZjhYo+vH4PUHb5fbX2ZZENoHdx BPD7xNONQks19TCCu5JXa6374Nf+nOJKRoBd0LTG8aBbfdD3XozuZsl8d2yIxuiiYa8O GSYIz2ERwWh11Ox2hiK365F/tv9lO0RfLUnVNagd96GJkh3OkoeFzqXb/uifpwmrhNB4 R1Zc+U3bcIhyNQbpKGWz1b4ec0HPr5gjLDaHAx8WCDtHjeXxplRqvlY6VuGshZxhAoro ZH7w== MIME-Version: 1.0 X-Received: by 10.69.29.161 with SMTP id jx1mr12250153pbd.123.1383986380939; Sat, 09 Nov 2013 00:39:40 -0800 (PST) In-Reply-To: References: <527a5f79$1@news.synserver.de> Date: Sat, 9 Nov 2013 19:39:40 +1100 Subject: Re: To whoever hacked into my Database From: Chris Angelico To: python-list@python.org Content-Type: text/plain; charset=ISO-8859-7 Content-Transfer-Encoding: quoted-printable X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 10 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1383986383 news.xs4all.nl 15953 [2001:888:2000:d::a6]:47568 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:58917 On Sat, Nov 9, 2013 at 7:31 PM, =CD=DF=EA=EF=F2 =C1=EB=E5=EE=FC=F0=EF=F5=EB= =EF=F2 wrote: > if page and os.path.isfile( cgi_path + page ) in os.listdir( cgi_path ): > > Try pass bogus values again into my database! Well done! *slow clap* In the interests of security, you have just locked everything out, including legitimate usage! ChrisA