Wednesday 08 March 2006 2:31:09 am
so because the risk is their anyway its no problem to have more additional risk??
i dont know how often people use kickstart.ini but i think chances that access to domain.tld/kickstart.ini are allowed than domain.tld/settings/site.ini are much bigger if someone uses not the .htaccess of ezpublish. i think its also not difficult for some kiddies to search with google for "Powered by eZ publish® " to find a bad configured ezp and try to find a kickstart.ini with admin pw.
|