78cad94ff4
For enhanced security it is recommended to configure Redis to only accept connections with a password. (http://redis.io/topics/security) This is especially critical since Redis supports the LUA scripting language and thus a simple SSRF vulnerability (as proven in http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/ for example) may lead to a remote code execution. |
||
---|---|---|
.. | ||
l10n | ||
private | ||
public | ||
repair | ||
autoloader.php | ||
base.php |