[nycphp-talk] server-writable php files
Allen Shaw
ashaw at polymerdb.org
Fri Jun 9 17:07:54 EDT 2006
Yeah, that's right. Guess I was thinking too narrowly. Thanks.
- Allen
Ken Robinson wrote:
> At 04:51 PM 6/9/2006, Allen Shaw wrote:
>
>>1. Create the file
>>2. store md5 checksum of in database
>>3. compare stored checksum and actual file checksum anytime before
>>running the file later.
>>
>>No?
>
>
> That might be fine for files you create, but what is going to stop a
> malicious person who finds the directory, put his own scripts into
> it, and causes havoc to your server or the web and you won't even
> know he's there until too late.
>
> Ken
>
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
> New York PHP Conference and Expo 2006
> http://www.nyphpcon.com
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>
--
Allen Shaw
Polymer (http://polymerdb.org)
More information about the talk
mailing list