I looked around in the source-code but couldn't find any place where
the file being request for upload actually is checked if it really is in one
of the DC-shares and not somewhere else, i.e c:\autoexe.bat or something similar. Granted I didn't spend to much time looking for it but still if someone KNOWS how a DC client prevents(?) a malicious DC-request from being served, give me a pointer to how that is done!
/ola
upload check flaw?
Moderator: Moderators
Re: upload check flaw?
Check out the method translateFileName() in ShareManager.
Sarf
---
Use no hooks.
Sarf
---
Use no hooks.