Facebook
Twitter
Scenario:
I have a client that owns multiple domains for different businesses. He uses different teams to maintain each site. He uses a server at home to keep remote backups of his websites in case DEV teams fail to keep backups.
Issue:
Whenever someone visits the BACKUP page for any of his domains, that user is able to see all backups for all websites and is able to download (possibly restore) any file.
Seems that the only verification done on the remote FTP location is that it matches a pattern, but that pattern is not verified to contain the correct domain in the string.
backup_domain1.com_1804041536.tar
backup_domain2.com_1804041536.tar
Both are displayed on both admin panels and can be downloaded... and possibly restored which is even worse. The wrong website can potentially be restored onto the active domains resulting in catastrophic data loss. Emails, Databases, websites wiped with the wrong domain data.
I understand that mixing backups for different domains under the same folder is not an ideal solution but if the domain name on the filename does not match then, I believe, it should not be displayed.
I have a client that owns multiple domains for different businesses. He uses different teams to maintain each site. He uses a server at home to keep remote backups of his websites in case DEV teams fail to keep backups.
Issue:
Whenever someone visits the BACKUP page for any of his domains, that user is able to see all backups for all websites and is able to download (possibly restore) any file.
Seems that the only verification done on the remote FTP location is that it matches a pattern, but that pattern is not verified to contain the correct domain in the string.
backup_domain1.com_1804041536.tar
backup_domain2.com_1804041536.tar
Both are displayed on both admin panels and can be downloaded... and possibly restored which is even worse. The wrong website can potentially be restored onto the active domains resulting in catastrophic data loss. Emails, Databases, websites wiped with the wrong domain data.
I understand that mixing backups for different domains under the same folder is not an ideal solution but if the domain name on the filename does not match then, I believe, it should not be displayed.
