If a hacker has access to your machine, they're *going* to find your data
files. If your data is valuable enough that this is a concern, then you
should be encrypting the data going into the database, or not storing it on
that machine at all.
I will repeat again:
Security through obscurity is not security at all.
Michael J. Sheldon
Internet Applications Developer
Phone: 480.699.1084
http://www.desertraven.com/
PGP Key Available on Request
-----Original Message-----
From: Bud [mailto:[EMAIL PROTECTED]]
Sent: Sunday, April 02, 2000 10:49
To: [EMAIL PROTECTED]
Subject: RE: naming databases for datasources
On 4/2/00, Mike Sheldon penned:
>Also a good way for someone to try to open it in a text editor and corrupt
>it.
>
>Security through obscurity is not security at all.
>
>Databases should not be placed in directories that are accessible via the
>web. And, if you're worried about someone with access to the server getting
>the data, well that's a whole 'nuther issue.
I don't place them accessible to the web. I'm not completely
empty-headed. No one else has access to the server. I'm thinking more
along the lines of a hacker poking around the machine.
Bud Schneehagen - Tropical Web Creations
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
ColdFusion Solutions / eCommerce Development
[EMAIL PROTECTED]
http://www.twcreations.com/
954.721.3452
----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
