NOT SO - Huge Security holes in MS FrontPage 98
Thu, 23 Oct 1997 14:13:32 +1000
At 08:12 23/10/97 +1000, you (Tom Worthington) wrote:
>Perhaps someone could explain to a non-Frontpage user, such as myself, what
>"Frontpage Extensions" are.
FrontPage server extensions are a set of files which can be added to most
Web servers (eg Apache) to allow full functionality of FrontPage Explorer,
such as file upload/download from within FP (using http instead of ftp),
security/permission administration, creation of MS proprietory 'web-bots'
(used instead of perl/CGI scripts) for form handling and lots of other
>I found myself trying to referee an agrement the other day between a
>webmaster who wanted them and a sever administrator who didn't want to
>supply them. Neither party appeared to want to explain to me what they were
When we moved a development part of our web site from a NT4 server back to
the main UNIX box I had the same argument with our UNIX administrator.
Thankfully, he was able to convince me that the security/administration
routines it utilised would compromise the UNIX system integrity.
The result - no FP extensions on our UNIX boxes. Still use the NT4 server
for development and a few special purposes, like their Discussion Web (a
cute bit I like).
Web Coordinator (master of nothing!)
Client Services Administrator
Information Technology Directorate
Southern Cross University
Lismore NSW Australia
Telephone: +61 2 6620 3097
Facsimile: +61 2 6620 3033