[ILUG] XMLRPC
Rick Moen
rick at linuxmafia.com
Tue Dec 12 19:25:58 GMT 2006
Quoting Jason Corcoran (jason at jcorcoran.net):
> I have a script for updating a dns record when my dynamic ip is reset.
> Its a php script the requires xmlrpc. I can't for the life of me find
> where to get the package from (is it a package ?) the site I got the
> script from dose not contain that much info (i.e. none) and I have
> asked uncle google.
As others have suggested in their answers to your question, you will
have a very major security concern, as PHP in general and the PHPXMLRPC
and PEAR XMLRPC libs in particular have had... issues.
"PHP" on http://linuxmafia.com/kb/Security has some pointers.
http://linuxmafia.com/~rick/faq/index.php?page=virus#virus5 details
one past security debacle involving those libs: the Lupper worm of Nov.
2005.
If it turns out that your distro lacks maintained packages for those
libs, and you end up extracting it from some third-party source, then
please be aware that you'll need to attentively track and fix security
issues for that software manually. (Lupper illustrates what happens
when you don't, on that and any other locally-installed Web software.)
More information about the ILUG
mailing list