2010-02-26, 06:47:02
Currently GS has no known vulnerabilities. Even with 777 on some folders, if you wanted to, you could put those folders above the public_html directory and that would eliminate access from anyone to them.
There were a few vulnerabilities a few months ago, but the new version fixed them.
I've never used Concrete5 and probably never will... but it took me 10 minutes to find any info on whether it was a mysql or flat file system. Since it uses MySQL, security is a little tighter in that aspect, however, if you have your 777 folders above your public_html folder, then you could argue both ways.
There were a few vulnerabilities a few months ago, but the new version fixed them.
I've never used Concrete5 and probably never will... but it took me 10 minutes to find any info on whether it was a mysql or flat file system. Since it uses MySQL, security is a little tighter in that aspect, however, if you have your 777 folders above your public_html folder, then you could argue both ways.
Clients always want to be able to change the content of their pages, but they are unwilling to do so.
Have you ever coded in your underwear before?
Have you ever coded in your underwear before?