Why not .dll?

[DeadBeet]

Why does TCAdmin not allow for .dll files to be uploaded? Is this a security risk?

 

Also, how do I make it so all my customers can upload .dll files?

 

Thanks,

Nick

[Jissh]

Go to: System Settings/Plugins/FTP Configuration. Then edit "Restricted Extensions" to suit your needs.

[adamnp]

And yes it is a security risk:)

[DeadBeet]

But why is it a security risk? What can they do?

 

-Nick

[adamnp]

Briefly, the major security implication that can be brought upon by allowing users to upload dll files is mainly the ability to include code and allow full code execution via a plugin in a DLL. also, DLL's are normally or can normally be run with unrestricted access to the underlying operating system....This can create havok if put in the wrong hand, and with a few more resources..

[DeadBeet]

Ok, thanks!!!

[DougK94]

Certain mods may have a .dll in them, but it is easy enough for your customer to submit a support ticket and then you install it for them. If you are using TCAdmin for your personal clan servers, it is not that big of a problem to go ahead and allow .dll, .bat, etc. as you hopefully do not give all clan members FTP and file manager access.

[ECF]

The best way to allow .dlls is to use the mod system within TCAdmin and create a mod for the client. That way they can install the mod, but it will only take the files that you put in the mod zip file and extract them to their folder, leaving the .dll protection on the filemanager and FTP intact.