Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #55171 > unrolled thread

Re: I haev fixed it

Back to article view | Back to comp.lang.python

This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by below is the oldest one visible, not the original post.

Contents

  Re: I haev fixed it Chris Angelico <rosuav@gmail.com> - 2013-10-01 18:59 +1000
    Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 13:16 +0300
      Re: I haev fixed it Chris Angelico <rosuav@gmail.com> - 2013-10-01 20:47 +1000
        Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 13:54 +0300
          Re: I haev fixed it Chris Angelico <rosuav@gmail.com> - 2013-10-01 20:58 +1000
            Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 14:06 +0300
              Re: I haev fixed it Heiko Wundram <modelnine@modelnine.org> - 2013-10-01 13:29 +0200
                Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 15:06 +0300
                  Re: I haev fixed it Heiko Wundram <modelnine@modelnine.org> - 2013-10-01 14:12 +0200
                    Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 15:21 +0300
                      Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 15:25 +0300
                        Re: I haev fixed it ishish <ishish@domhain.de> - 2013-10-01 13:50 +0100
                          Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:14 +0300
                            Re: I haev fixed it ishish <ishish@domhain.de> - 2013-10-01 14:26 +0100
                              Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:37 +0300
                            Re: I haev fixed it Joel Goldstick <joel.goldstick@gmail.com> - 2013-10-01 09:35 -0400
                              Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:39 +0300
              Re: I haev fixed it alex23 <wuwei23@gmail.com> - 2013-10-02 09:25 +1000
                Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 02:30 +0300
                  Re: I haev fixed it alex23 <wuwei23@gmail.com> - 2013-10-02 09:38 +1000
          Re: I haev fixed it Ned Batchelder <ned@nedbatchelder.com> - 2013-10-01 06:59 -0400
          Re: I haev fixed it Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-01 14:23 +0100
            Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:34 +0300
              Re: I haev fixed it Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-01 14:44 +0100
                Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:52 +0300
                  Re: I haev fixed it Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-01 15:00 +0100
              Re: I haev fixed it feedthetroll@gmx.de - 2013-10-01 07:08 -0700
                Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 17:32 +0300
                  Re: I haev fixed it feedthetroll@gmx.de - 2013-10-01 08:53 -0700
                    Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 18:57 +0300
                      Re: I haev fixed it feedthetroll@gmx.de - 2013-10-01 09:40 -0700
                        Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 01:46 +0300
                          Re: I haev fixed it Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-01 23:57 +0100
                            Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 02:28 +0300
                              Re: I haev fixed it Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-02 15:01 +0100
                                Re: I haev fixed it Denis McMahon <denismfmcmahon@gmail.com> - 2013-10-02 15:48 +0000
                                  Re: I haev fixed it Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-02 17:07 +0100
                                    Re: I haev fixed it Denis McMahon <denismfmcmahon@gmail.com> - 2013-10-02 18:57 +0000
          Re: I haev fixed it Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-02 02:35 +0000
            Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 13:12 +0300
      Re: I haev fixed it Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-01 14:19 +0100
        Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:22 +0300
      Re: I haev fixed it Joel Goldstick <joel.goldstick@gmail.com> - 2013-10-01 09:27 -0400
        Re: I haev fixed it Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:43 +0300
        Stop posting HTML [was Re: I haev fixed it] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-02 01:52 +0000
          Re: Stop posting HTML [was Re: I haev fixed it] Joel Goldstick <joel.goldstick@gmail.com> - 2013-10-01 22:02 -0400
            Re: Stop posting HTML [was Re: I haev fixed it] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-02 02:40 +0000
              Re: Stop posting HTML [was Re: I haev fixed it] Michael Torrie <torriem@gmail.com> - 2013-10-01 21:33 -0600
              Re: Stop posting HTML [was Re: I haev fixed it] Daniel Stojanov <daniel.stjnv+python-list@gmail.com> - 2013-10-02 12:57 +1000
              Re: Stop posting HTML [was Re: I haev fixed it] Dave Angel <davea@davea.name> - 2013-10-02 12:05 +0000
          Re: Stop posting HTML [was Re: I haev fixed it] Skip Montanaro <skip.montanaro@gmail.com> - 2013-10-01 21:28 -0500
      Re: I haev fixed it Piet van Oostrum <piet@vanoostrum.org> - 2013-10-01 14:20 -0400

Page 1 of 3  [1] 2 3  Next page →

#55171 — Re: I haev fixed it

On Tue, Oct 1, 2013 at 9:59 AM,  <nikos@secure.superhost.gr> wrote:
> http://superhost.gr/warning.html

Okay, who posted this? I'm thinking possibly someone may have access
to your server again.

ChrisA

[toc] | [next] | [standalone]

#55174

Στις 1/10/2013 11:59 πμ, ο/η Chris Angelico έγραψε:
> On Tue, Oct 1, 2013 at 9:59 AM,  <nikos@secure.superhost.gr> wrote:
>> http://superhost.gr/warning.html
>
> Okay, who posted this? I'm thinking possibly someone may have access
> to your server again.
>
> ChrisA
>
Hi chris,

I just saw thios thread, although half an hour earlier i opened anew one 
myself.


Just logged in via FTP to my server and i saw an uploade file named 
"Warnign html"

Contents were:

WARNING

I am incompetent. Do not hire me!

Question:

WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY 
ACCOUNT?

PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY RISK.

SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY MAIN 
PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!

[toc] | [prev] | [next] | [standalone]

#55175

On Tue, Oct 1, 2013 at 8:16 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY
> ACCOUNT?
>
> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY RISK.
>
> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY MAIN
> PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!

Whoever did it, he seems also to have gained access to your emails as
well. Congratulations to him, I think he's done well.

ChrisA

[toc] | [prev] | [next] | [standalone]

#55176

Στις 1/10/2013 1:47 μμ, ο/η Chris Angelico έγραψε:
> On Tue, Oct 1, 2013 at 8:16 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY
>> ACCOUNT?
>>
>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY RISK.
>>
>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY MAIN
>> PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!
>
> Whoever did it, he seems also to have gained access to your emails as
> well. Congratulations to him, I think he's done well.

How did this happened i asked.
I must know how did this happen so i take action to prevent it from 
happening again.

I you want to congratulate Mark Lawrence do it in private.

[toc] | [prev] | [next] | [standalone]

#55177

On Tue, Oct 1, 2013 at 8:54 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
> How did this happened i asked.
> I must know how did this happen so i take action to prevent it from
> happening again.
>
> I you want to congratulate Mark Lawrence do it in private.

You know it was Mark, then? Okay. In that case, ask him directly. If
not, I advise you to refrain from making bald statements that you
can't back.

You really need to sort out your own security. Don't go begging
someone else for help - not everyone is courteous enough to just put
an HTML file down and send an email from your account. Some people
will actually destroy things.

ChrisA

[toc] | [prev] | [next] | [standalone]

#55179

Στις 1/10/2013 1:58 μμ, ο/η Chris Angelico έγραψε:
> On Tue, Oct 1, 2013 at 8:54 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>> How did this happened i asked.
>> I must know how did this happen so i take action to prevent it from
>> happening again.
>>
>> I you want to congratulate Mark Lawrence do it in private.
>
> You know it was Mark, then? Okay. In that case, ask him directly. If
> not, I advise you to refrain from making bald statements that you
> can't back.

He started the thread didn't he?

He also posted couple days agon if i have fixes a link form a domain i 
host which provided my source code in plain text.

Let alone his hatred agaisnt me.

Considerign the above I think its safe to say it was him.

> You really need to sort out your own security. Don't go begging
> someone else for help - not everyone is courteous enough to just put
> an HTML file down and send an email from your account. Some people
> will actually destroy things.

I'am not begging anyone.
I have aksed a question as to HOW this might have happened.
But it seems you don't want to provide an explanation although i think 
you might have a theory.

[toc] | [prev] | [next] | [standalone]

#55181

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 01.10.2013 13:06, schrieb Νίκος:
> But it seems you don't want to provide an explanation although i
> think you might have a theory.

You need a theory?

1) Your password(s) is/are leaked (see the URL referenced somewhere
before, and IIRC you also posted your GMail password sometime ago), and

2) you did password-reuse, so that by an attacker getting access to
one password, more than one of your accounts was compromised.

- -- 
- --- Heiko.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSSrIKAAoJEDMqpHf921/SO+UH/iujBSt7ZXmXAIAHgHXoKH0Q
Qxvzi2L1pCXcXvEE4yeUI0g0TiYD9B88Q5eRyCegWWm2BwpOjx7KLNBkMqQeiI6H
M52L/ulXwMkwVq0HTn6YPNncReQrPMu2V5xQaKWhfVhBnWLZnZYm1n7WZse9M2Sr
9KaAkZ4j2jlHozJ9tAGXnIt/9bj6MM3SQPuG1b68qSWThisUhvTcbrDkm3e4KDoq
I9i9kEF93XPLYeOMefEOksm51vKjpDWFlRu20Vqy5quYxDHpUU/5e04Z6doz0py8
6XhR892g4zetQ3OwtzxQOKunwaLOvSg9VtXfIn7ElBkCE0v/XbCxTnO/oBLcb7g=
=I1kO
-----END PGP SIGNATURE-----

[toc] | [prev] | [next] | [standalone]

#55182

Στις 1/10/2013 2:29 μμ, ο/η Heiko Wundram έγραψε:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Am 01.10.2013 13:06, schrieb Νίκος:
>> But it seems you don't want to provide an explanation although i
>> think you might have a theory.
>
> You need a theory?
>
> 1) Your password(s) is/are leaked (see the URL referenced somewhere
> before, and IIRC you also posted your GMail password sometime ago), and

Hello,

i know about the link you mentioned and i have deleted the source code 
from there.

[toc] | [prev] | [next] | [standalone]

#55183

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 01.10.2013 14:06, schrieb Νίκος:
> i know about the link you mentioned and i have deleted the source
> code from there.

Guess what: Google keeps a cache. See here:

http://webcache.googleusercontent.com/search?q=cache:http://superhost.gr/~dauwin/cgi-bin/metrites.py

So if you haven't changed your password(s), you'd better do that now.

- -- 
- --- Heiko.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSSrwRAAoJEDMqpHf921/SY/MH/3pf9ZdHCXuu84urCodUyBrQ
RVRbVN1lXAzCXY1nyPGfzANOsraXLzRDe0j9ZBfHbEaZR19Hvl4DOf8+RJfRl8jg
LWCsgIIVb2fWWVLrx1CU3oz47sVfy1vGOp8XRiIqjcDKa+zOtyqqlxIolKCFM6CL
/YsHnb1/9JE1zn07WaKYJTi1/9+uptaQPR9kNzOssv1TpvRiJ+4H1oO67Px6tpdj
VchpEirkV7CaD39mD9BLEoB24FhEX+NSNYPRJx89ivC+MENpNUp6n5vVjQ+ciXI/
NvJJxBalypi/DLNaCR/up2B2018ebH+3ByDv3xO+UnbS6MYx5YVppstilvkvr1c=
=2VTx
-----END PGP SIGNATURE-----

[toc] | [prev] | [next] | [standalone]

#55184

Στις 1/10/2013 3:12 μμ, ο/η Heiko Wundram έγραψε:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Am 01.10.2013 14:06, schrieb Νίκος:
>> i know about the link you mentioned and i have deleted the source
>> code from there.
>
> Guess what: Google keeps a cache. See here:
>
> http://webcache.googleusercontent.com/search?q=cache:http://superhost.gr/~dauwin/cgi-bin/metrites.py
>
> So if you haven't changed your password(s), you'd better do that now.

Tahnk you Heiko i didnt knew Google was keeping cached version of files.

But i have deleted the file metrites.py 2 days ago when i saw Mark 
Lawrence mentioned it and i also have changed the passwords from my 
personal account and root as well.

[toc] | [prev] | [next] | [standalone]

#55185

Στις 1/10/2013 3:21 μμ, ο/η Νίκος έγραψε:
> Στις 1/10/2013 3:12 μμ, ο/η Heiko Wundram έγραψε:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Am 01.10.2013 14:06, schrieb Νίκος:
>>> i know about the link you mentioned and i have deleted the source
>>> code from there.
>>
>> Guess what: Google keeps a cache. See here:
>>
>> http://webcache.googleusercontent.com/search?q=cache:http://superhost.gr/~dauwin/cgi-bin/metrites.py
>>
>>
>> So if you haven't changed your password(s), you'd better do that now.
>
> Tahnk you Heiko i didnt knew Google was keeping cached version of files.
>
> But i have deleted the file metrites.py 2 days ago when i saw Mark
> Lawrence mentioned it and i also have changed the passwords from my
> personal account and root as well.

I know how he did it, he sees it form here:

http://superhost.gr/~nikos/cgi-bin/metrites.py

I must somehow use an apache directive not to allow such view.

[toc] | [prev] | [next] | [standalone]

#55187

Am 01.10.2013 13:25, schrieb Νίκος:
> Στις 1/10/2013 3:21 μμ, ο/η Νίκος έγραψε:
>> Στις 1/10/2013 3:12 μμ, ο/η Heiko Wundram έγραψε:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Am 01.10.2013 14:06, schrieb Νίκος:
>>>> i know about the link you mentioned and i have deleted the source
>>>> code from there.
>>>
>>> Guess what: Google keeps a cache. See here:
>>>
>>> 
>>> http://webcache.googleusercontent.com/search?q=cache:http://superhost.gr/~dauwin/cgi-bin/metrites.py
>>>
>>>
>>> So if you haven't changed your password(s), you'd better do that 
>>> now.
>>
>> Tahnk you Heiko i didnt knew Google was keeping cached version of 
>> files.
>>
>> But i have deleted the file metrites.py 2 days ago when i saw Mark
>> Lawrence mentioned it and i also have changed the passwords from my
>> personal account and root as well.
>
> I know how he did it, he sees it form here:
>
> http://superhost.gr/~nikos/cgi-bin/metrites.py
>
> I must somehow use an apache directive not to allow such view.

I agree. Just keep folders for scripts and templates above the actual 
public_html.

Sas

[toc] | [prev] | [next] | [standalone]

#55188

Στις 1/10/2013 3:50 μμ, ο/η ishish έγραψε:
> Am 01.10.2013 13:25, schrieb Νίκος:
>> Στις 1/10/2013 3:21 μμ, ο/η Νίκος έγραψε:
>>> Στις 1/10/2013 3:12 μμ, ο/η Heiko Wundram έγραψε:
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA1
>>>>
>>>> Am 01.10.2013 14:06, schrieb Νίκος:
>>>>> i know about the link you mentioned and i have deleted the source
>>>>> code from there.
>>>>
>>>> Guess what: Google keeps a cache. See here:
>>>>
>>>>
>>>> http://webcache.googleusercontent.com/search?q=cache:http://superhost.gr/~dauwin/cgi-bin/metrites.py
>>>>
>>>>
>>>>
>>>> So if you haven't changed your password(s), you'd better do that now.
>>>
>>> Tahnk you Heiko i didnt knew Google was keeping cached version of files.
>>>
>>> But i have deleted the file metrites.py 2 days ago when i saw Mark
>>> Lawrence mentioned it and i also have changed the passwords from my
>>> personal account and root as well.
>>
>> I know how he did it, he sees it form here:
>>
>> http://superhost.gr/~nikos/cgi-bin/metrites.py
>>
>> I must somehow use an apache directive not to allow such view.
>
> I agree. Just keep folders for scripts and templates above the actual
> public_html.

python scripts need to be placed inside the 'cgi-bin/' folder which is 
located at '~/public_html/'.

Othwerise they wont work.

[toc] | [prev] | [next] | [standalone]

#55195

Am 01.10.2013 14:14, schrieb Νίκος:
> Στις 1/10/2013 3:50 μμ, ο/η ishish έγραψε:
>> Am 01.10.2013 13:25, schrieb Νίκος:
>>> Στις 1/10/2013 3:21 μμ, ο/η Νίκος έγραψε:
>>>> Στις 1/10/2013 3:12 μμ, ο/η Heiko Wundram έγραψε:
>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>> Hash: SHA1
>>>>>
>>>>> Am 01.10.2013 14:06, schrieb Νίκος:
>>>>>> i know about the link you mentioned and i have deleted the 
>>>>>> source
>>>>>> code from there.
>>>>>
>>>>> Guess what: Google keeps a cache. See here:
>>>>>
>>>>>
>>>>> 
>>>>> http://webcache.googleusercontent.com/search?q=cache:http://superhost.gr/~dauwin/cgi-bin/metrites.py
>>>>>
>>>>>
>>>>>
>>>>> So if you haven't changed your password(s), you'd better do that 
>>>>> now.
>>>>
>>>> Tahnk you Heiko i didnt knew Google was keeping cached version of 
>>>> files.
>>>>
>>>> But i have deleted the file metrites.py 2 days ago when i saw Mark
>>>> Lawrence mentioned it and i also have changed the passwords from 
>>>> my
>>>> personal account and root as well.
>>>
>>> I know how he did it, he sees it form here:
>>>
>>> http://superhost.gr/~nikos/cgi-bin/metrites.py
>>>
>>> I must somehow use an apache directive not to allow such view.
>>
>> I agree. Just keep folders for scripts and templates above the 
>> actual
>> public_html.
>
> python scripts need to be placed inside the 'cgi-bin/' folder which
> is located at '~/public_html/'.
>
> Othwerise they wont work.

That's due to your (or whoever set these up) configurations. I have 
never used the public_html to store perl, python or php scripts and it 
works perfectly fine for me.

Sas

[toc] | [prev] | [next] | [standalone]

#55201

Στις 1/10/2013 4:26 μμ, ο/η ishish έγραψε:
> Am 01.10.2013 14:14, schrieb Νίκος:
>> Στις 1/10/2013 3:50 μμ, ο/η ishish έγραψε:
>>> Am 01.10.2013 13:25, schrieb Νίκος:
>>>> Στις 1/10/2013 3:21 μμ, ο/η Νίκος έγραψε:
>>>>> Στις 1/10/2013 3:12 μμ, ο/η Heiko Wundram έγραψε:
>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>> Hash: SHA1
>>>>>>
>>>>>> Am 01.10.2013 14:06, schrieb Νίκος:
>>>>>>> i know about the link you mentioned and i have deleted the source
>>>>>>> code from there.
>>>>>>
>>>>>> Guess what: Google keeps a cache. See here:
>>>>>>
>>>>>>
>>>>>>
>>>>>> http://webcache.googleusercontent.com/search?q=cache:http://superhost.gr/~dauwin/cgi-bin/metrites.py
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> So if you haven't changed your password(s), you'd better do that now.
>>>>>
>>>>> Tahnk you Heiko i didnt knew Google was keeping cached version of
>>>>> files.
>>>>>
>>>>> But i have deleted the file metrites.py 2 days ago when i saw Mark
>>>>> Lawrence mentioned it and i also have changed the passwords from my
>>>>> personal account and root as well.
>>>>
>>>> I know how he did it, he sees it form here:
>>>>
>>>> http://superhost.gr/~nikos/cgi-bin/metrites.py
>>>>
>>>> I must somehow use an apache directive not to allow such view.
>>>
>>> I agree. Just keep folders for scripts and templates above the actual
>>> public_html.
>>
>> python scripts need to be placed inside the 'cgi-bin/' folder which
>> is located at '~/public_html/'.
>>
>> Othwerise they wont work.
>
> That's due to your (or whoever set these up) configurations. I have
> never used the public_html to store perl, python or php scripts and it
> works perfectly fine for me.

To which folders do you store your cgi scripts for safety?

[toc] | [prev] | [next] | [standalone]

#55200

[Multipart message — attachments visible in raw view] — view raw

On Tue, Oct 1, 2013 at 9:26 AM, ishish <ishish@domhain.de> wrote:

> Am 01.10.2013 14:14, schrieb Νίκος:
>
>  Στις 1/10/2013 3:50 μμ, ο/η ishish έγραψε:
>>
>>> Am 01.10.2013 13:25, schrieb Νίκος:
>>>
>>>> Στις 1/10/2013 3:21 μμ, ο/η Νίκος έγραψε:
>>>>
>>>>> Στις 1/10/2013 3:12 μμ, ο/η Heiko Wundram έγραψε:
>>>>>
>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>> Hash: SHA1
>>>>>>
>>>>>> Am 01.10.2013 14:06, schrieb Νίκος:
>>>>>>
>>>>>>> i know about the link you mentioned and i have deleted the source
>>>>>>> code from there.
>>>>>>>
>>>>>>
>>>>>> Guess what: Google keeps a cache. See here:
>>>>>>
>>>>>>
>>>>>>
>>>>>> http://webcache.**googleusercontent.com/search?**
>>>>>> q=cache:http://superhost.gr/~**dauwin/cgi-bin/metrites.py<http://webcache.googleusercontent.com/search?q=cache:http://superhost.gr/~dauwin/cgi-bin/metrites.py>
>>>>>>
>>>>>>
>>>>>>
>>>>>> So if you haven't changed your password(s), you'd better do that now.
>>>>>>
>>>>>
>>>>> Tahnk you Heiko i didnt knew Google was keeping cached version of
>>>>> files.
>>>>>
>>>>> But i have deleted the file metrites.py 2 days ago when i saw Mark
>>>>> Lawrence mentioned it and i also have changed the passwords from my
>>>>> personal account and root as well.
>>>>>
>>>>
>>>> I know how he did it, he sees it form here:
>>>>
>>>> http://superhost.gr/~nikos/**cgi-bin/metrites.py<http://superhost.gr/~nikos/cgi-bin/metrites.py>
>>>>
>>>> I must somehow use an apache directive not to allow such view.
>>>>
>>>
>>> I agree. Just keep folders for scripts and templates above the actual
>>> public_html.
>>>
>>
>> python scripts need to be placed inside the 'cgi-bin/' folder which
>> is located at '~/public_html/'.
>>
>> Othwerise they wont work.
>>
>
> That's due to your (or whoever set these up) configurations. I have never
> used the public_html to store perl, python or php scripts and it works
> perfectly fine for me.
>
> Sas
> --
> https://mail.python.org/**mailman/listinfo/python-list<https://mail.python.org/mailman/listinfo/python-list>
>

Thanks for that note.  I haven't done this sort of thing for a while, but
as I recall you NEVER put code in public_html.  So that was odd (well not
really since its from Nikos!) to see a rule that code must be put there.

On a personal note, i'm bummed out I woke up too late to see the warning
page.


-- 
Joel Goldstick
http://joelgoldstick.com

[toc] | [prev] | [next] | [standalone]

#55202

Στις 1/10/2013 4:35 μμ, ο/η Joel Goldstick έγραψε:

> Thanks for that note.  I haven't done this sort of thing for a while,
> but as I recall you NEVER put code in public_html.  So that was odd
> (well not really since its from Nikos!) to see a rule that code must be
> put there.

public_html as well as cgi-bin are there for a reason you know.
So people put files within those folders.

Tehy can be dafe there as well, no nee to place them above '../public_html'.

I still have them there and they are safe now.

[toc] | [prev] | [next] | [standalone]

#55252

On 1/10/2013 9:06 PM, Νίκος wrote:
> Στις 1/10/2013 1:58 μμ, ο/η Chris Angelico έγραψε:
>> On Tue, Oct 1, 2013 at 8:54 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>>> I you want to congratulate Mark Lawrence do it in private.
>>
>> You know it was Mark, then? Okay. In that case, ask him directly. If
>> not, I advise you to refrain from making bald statements that you
>> can't back.
>
> He started the thread didn't he?
>
> He also posted couple days agon if i have fixes a link form a domain i
> host which provided my source code in plain text.
>
> Let alone his hatred agaisnt me.
>
> Considerign the above I think its safe to say it was him.

No, it's defamation. Unless you have _proof_ it was Mark Lawrence, you 
really should just shut up for once. As it stands, without an apology 
(and even _with_ one), Mark has the legal right to sue you.

http://en.wikipedia.org/wiki/Defamation#Internationally
http://www.aaronkellylaw.com/internet-defamation-laws/serving-an-international-defamation-subpoena/

[toc] | [prev] | [next] | [standalone]

#55256

Στις 2/10/2013 2:25 πμ, ο/η alex23 έγραψε:
> On 1/10/2013 9:06 PM, Νίκος wrote:
>> Στις 1/10/2013 1:58 μμ, ο/η Chris Angelico έγραψε:
>>> On Tue, Oct 1, 2013 at 8:54 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>>>> I you want to congratulate Mark Lawrence do it in private.
>>>
>>> You know it was Mark, then? Okay. In that case, ask him directly. If
>>> not, I advise you to refrain from making bald statements that you
>>> can't back.
>>
>> He started the thread didn't he?
>>
>> He also posted couple days agon if i have fixes a link form a domain i
>> host which provided my source code in plain text.
>>
>> Let alone his hatred agaisnt me.
>>
>> Considerign the above I think its safe to say it was him.
>
> No, it's defamation. Unless you have _proof_ it was Mark Lawrence, you
> really should just shut up for once. As it stands, without an apology
> (and even _with_ one), Mark has the legal right to sue you.
>
> http://en.wikipedia.org/wiki/Defamation#Internationally
> http://www.aaronkellylaw.com/internet-defamation-laws/serving-an-international-defamation-subpoena/

Wooow! Now i'am reaaaaly scared! Please don't put me behind bars....lol!

[toc] | [prev] | [next] | [standalone]

#55257

On 2/10/2013 9:30 AM, Νίκος wrote:
> Στις 2/10/2013 2:25 πμ, ο/η alex23 έγραψε:
>> No, it's defamation. Unless you have _proof_ it was Mark Lawrence, you
>> really should just shut up for once. As it stands, without an apology
>> (and even _with_ one), Mark has the legal right to sue you.
>
> Wooow! Now i'am reaaaaly scared! Please don't put me behind bars....lol!

Yes, it's so funny. You do understand there's a good chance your 
customers would be able to sue you as well?

[toc] | [prev] | [next] | [standalone]

Page 1 of 3  [1] 2 3  Next page →

Back to top | Article view | comp.lang.python

csiph-web