For more information... RTFM!
NAVIGATION
PAGES THAT LINK HERE
ACCOUNT LOGIN

You are not logged in

Powered by Interchange version 5.7.0

NoAbsolute

Deny websites the ability to request access to absolute filenames on the system.

Synopsis

NoAbsolute  Yes

This is a Yes or No directive.  The default is No.

Scope

This directive is only available for use in the global (interchange.cfg) configuration file, and will affect all websites running under the Interchange installation.  It will not work in a website's local (catalog.cfg) configuration file. 

Description

This directive controls whether tags such as [file] and [include] etc. can request access to any file on the system

If this directive is set true (Yes) then only files relative to the website's home directory may be requested.  The website's home directory is defined by the Catalog global configuration directive.  If this directive is set false (No) then any file may be requested (subject to user permissions).

Note

Note

This does not apply when testing to see whether a file exists, as with [if file].  This operation is allowed regardless of the NoAbsolute value.

Warning

Warning

The default (No) should be changed to Yes in a multi-user environment to minimise security risks.

Category:  Global config directives
Last modified by: Kevin Walsh
Modification date: Wednesday 23 August 2006 at 1:14 PM (CDT)
Home  |  Legal nonsense  |  Privacy policy  |  Donations  |  Contact us