If you have never uploaded from within Freeway using a given document, then no. But if you have, then your upload user and password are embedded in the document. The password cannot be brute-forced out of the document, but the document can be used to deface your site or change its content, since it is authorized to change the content on server.
When posting a Freeway document for others to download (like the various examples I post for my Actions), I generally just use Transmit in place of Freeway’s built-in FTP to upload the example site, that way the password is never made part of the document and there’s nothing to lose.
As far as me being worried that your document contained some trojan horse that would cripple my computer, no, that’s not what I was worried about. It’s more about your security and peace of mind than anything else. (If the file you posted on Dropbox contains your password, you should take it down AND change your FTP password on your server immediately.)
When I have a contractual relationship with you, and you’ve paid me to dissect your site, or build one for you, or some such thing, then I will happily share binary Freeway files with you. I will specify exactly how you should compress the site archive (so I don’t have to bug you for external files that make it impossible to publish cleanly) and we will work out a round-trip code sharing setup. Generally at that level of work, you will have given me your passwords, and I will be contractually bound to keep them safe. We also won’t be discussing that in public.
Walter
On Jun 22, 2014, at 10:07 AM, tobiaseichner wrote:
No problem, here it is: Gerda Eichner – möblierte Appartements – Wohnen auf Zeit in Oberfranken
By the way, are there any security vulnerabilities known on freeway documents to take care about ?
Tobias.
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options