Hi Sonic I am not entirely sure how your build script could be any less secure than any file that gets executed on your system?
I exclude the build scripts themselves from being copied even to the development server, so a hacker would have to have access to the file system of my workstation to get up to any mischief. If he had that, then I have lost the battle. Can you elaborate on the situation you were thinking of? As for a cake-ier way of doing this, I am not sure. I am trying to keep my development and deployment tools pretty generic since Cake is only one of the tools that I use (Drupal and osCommerce being others), so I don't want to tie myself to tightly to anything. Regards, Langdon > I was using the mysqldump command with the exec() function in a testing > script I was writing but realised it would only work with MySQL. If I were > to use a variable and have this set to the equivalent for other databases > I'd be worried about the security concerns with allowing a variable to be > passed to exec() which would allow a malicious hacker to run system commands > on my system. > > Just wondering, if you or anyone knows of a cake-ier way of doing this? > > Cheers, > > Sonic --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php -~----------~----~----~----~------~----~------~--~---
