[nycphp-talk] escapeshellcmd stupidity?
Ajai Khattri
ajai at bitblit.net
Sat Jan 3 01:15:58 EST 2009
On Fri, 2 Jan 2009, Allen Shaw wrote:
> I have a shell script that manages my todo list, and I'd like to access
> it through the Web as well, for convenience when I'm traveling. ssh is
> not ideal here, since Web gives me access from any machine without
> downloading PuTTY, for example. Basic auth seems enough to protect my
> todo list from abuse
Unless you're using HTTPS, that security is not sufficient since your
password will be sent as clear text across an open network...
--
Aj.
More information about the talk
mailing list