Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #55350
| Path | csiph.com!usenet.pasdenom.info!aioe.org!news.stack.nl!newsfeed.xs4all.nl!newsfeed1.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <nedbat@gmail.com> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.048 |
| X-Spam-Evidence | '*H*': 0.90; '*S*': 0.00; 'subject:password': 0.05; 'subject:code': 0.07; 'happen.': 0.09; 'cc:addr:python-list': 0.11; 'python': 0.11; 'question.': 0.14; '4:25': 0.16; 'non- python': 0.16; 'subject: \n ': 0.16; 'subject:run': 0.16; 'thread,': 0.16; 'sender:addr:gmail.com': 0.17; 'wrote:': 0.18; 'wed,': 0.18; '>>>': 0.22; 'cc:addr:python.org': 0.22; 'header :User-Agent:1': 0.23; 'question': 0.24; 'cc:2**0': 0.24; 'cc:no real name:2**0': 0.24; 'asking': 0.27; 'header:In-Reply-To:1': 0.27; 'am,': 0.29; 'topic': 0.29; "i'm": 0.30; 'code': 0.31; "skip:' 10": 0.31; '>>>>': 0.31; "d'aprano": 0.31; 'steven': 0.31; 'way?': 0.31; 'file': 0.32; 'know.': 0.32; 'run': 0.32; 'another': 0.32; 'linux': 0.33; 'subject:the': 0.34; 'knows': 0.35; 'possible.': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'there': 0.35; 'possible': 0.36; 'subject:?': 0.36; 'being': 0.38; 'server': 0.38; 'question,': 0.38; 'that,': 0.38; 'how': 0.40; 'subject:Can': 0.60; 'forum': 0.61; 'you.': 0.62; "you've": 0.63; 'show': 0.63; 'places': 0.64; 'to:addr:gmail.com': 0.65; 'here': 0.66; '8bit%:92': 0.71; 'batchelder': 0.84; 'subject:know': 0.84; 'upset': 0.84; 'utilized': 0.84; 'angry': 0.93; '2013': 0.98 |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=stu/IpnrzHwMyITbAcyPjb5LepYZpp5U+Yn39yyBIsE=; b=iO/NsDz/ppXb6ivjWCWhV7Unw4QueN5cQ4qi6RTkONgQMUYqsedpBvSTOcvYSeL7Kq ZZwpq1oiyZogoZYU1oK8BglIaqsHkSxDOjSN+bc463tnARPastaFgFcUwFumoPh1AQ7W g5fYv99dKYfctsGLEu7/p6DZtQucQ8P7x078zsfUj+2iqXlZyAMlVgxxJ6CbTqCy4cU/ 8no99HYkA0V8jtbabh9g2F7P94O5mWI0zyndw39JQ3pdyIcczAYr+YAdRZTC129Msqbx ujzKDg/ZukImwxbZK18ZW0wDTcr4XbSG/Y7kup0Tc6vqNTab5xHQQ8S0uuiX8xH1eTFS ihbw== |
| X-Received | by 10.224.16.208 with SMTP id p16mr4168256qaa.51.1380726950470; Wed, 02 Oct 2013 08:15:50 -0700 (PDT) |
| Sender | Ned Batchelder <nedbat@gmail.com> |
| Date | Wed, 02 Oct 2013 11:15:48 -0400 |
| From | Ned Batchelder <ned@nedbatchelder.com> |
| User-Agent | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130801 Thunderbird/17.0.8 |
| MIME-Version | 1.0 |
| To | Νίκος <nikos.gr33k@gmail.com> |
| Subject | Re: Can arbitrary code run in a server if someone's know just the MySQL password? |
| References | <l2h31g$q96$1@dont-email.me> <524c1ee6$0$29984$c3e8da3$5496439d@news.astraweb.com> <l2h7qj$gqt$2@dont-email.me> <mailman.629.1380722323.18130.python-list@python.org> <l2hbjf$8mv$1@dont-email.me> |
| In-Reply-To | <l2hbjf$8mv$1@dont-email.me> |
| Content-Type | text/plain; charset=UTF-8; format=flowed |
| Content-Transfer-Encoding | 8bit |
| Cc | python-list@python.org |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.15 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list/> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.636.1380726953.18130.python-list@python.org> (permalink) |
| Lines | 42 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1380726953 news.xs4all.nl 15957 [2001:888:2000:d::a6]:49167 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:55350 |
Show key headers only | View raw
On 10/2/13 10:46 AM, Νίκος wrote: > Στις 2/10/2013 4:58 μμ, ο/η Ned Batchelder έγραψε: >> On 10/2/13 9:41 AM, Νίκος wrote: >>> Στις 2/10/2013 4:25 μμ, ο/η Steven D'Aprano έγραψε: >>>> On Wed, 02 Oct 2013 15:20:00 +0300, Νίκος wrote: >>>> >>>>> Is it possible for someone that knows the MYSQL password of a >>>>> server to >>>>> run arbitrary code on a linux server? >>>> >>>> Yes, it is possible. >>> >>> Is that what might have happened and someone managed to upload the >>> .html file in '~/home/nikos/www/' ? >>> >>> Can you think of any other way? >>> >> >> As others have said in this thread, this is not a Python topic. Find >> another forum for this question. Do not ask it here again. >> >> You've said that you can improve. Show us by not asking non-Python >> questions here. >> >> --Ned. > But i need to know what happened and how this .html file got uploaded. > This is not a python question, but this happened from this pythons NG. > And perhaps my python code was being utilized fo this upload to happen. > > I must know. > This is not a topic for Python-List. We don't have answers for you, and you won't get answers to this question here. If you persist in asking about it here, don't be surprised when people get angry with you. This is anti-social behavior. I know you are upset about your server being compromised. I'm sorry about that, but it isn't on-topic here. There are other places you can get help with your question. --Ned.
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Can arbitrary code run in a server if someone's know just the MySQL password? Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 15:20 +0300
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-10-02 14:37 +0200
Re: Can arbitrary code run in a server if someone's know just the MySQL password? feedthetroll@gmx.de - 2013-10-02 05:38 -0700
Re: Killing threads with TB (was: Can arbitrary code run in a server if someone's know just the MySQL password?) Tim Chase <python.list@tim.thechases.com> - 2013-10-02 08:21 -0500
Re: Killing threads with TB Terry Reedy <tjreedy@udel.edu> - 2013-10-02 18:34 -0400
Re: Killing threads with TB Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-02 23:48 +0100
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-02 13:25 +0000
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 16:41 +0300
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Ned Batchelder <ned@nedbatchelder.com> - 2013-10-02 09:58 -0400
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 17:46 +0300
Re: Can arbitrary code run in a server if someone's know just the MySQL password? ishish <ishish@domhain.de> - 2013-10-02 15:55 +0100
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Ned Batchelder <ned@nedbatchelder.com> - 2013-10-02 11:15 -0400
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Denis McMahon <denismfmcmahon@gmail.com> - 2013-10-02 16:02 +0000
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Ethan Furman <ethan@stoneleaf.us> - 2013-10-02 09:59 -0700
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Alister <alister.ware@ntlworld.com> - 2013-10-02 14:34 +0000
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Ravi Sahni <ganeshsahni07@gmail.com> - 2013-10-02 20:43 +0530
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Νίκος Ακεξόπουλος <nikos.gr33k@gmail.com> - 2013-10-02 20:06 +0300
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-02 17:39 +0000
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-10-02 21:02 +0300
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-10-02 20:02 -0400
Re: Can arbitrary code run in a server if someone's know just the MySQL password? Tony the Tiger <tony@tiger.invalid> - 2013-10-04 15:19 -0500
csiph-web