> -----Original Message-----
> From: Sean Corfield [mailto:[EMAIL PROTECTED]
> Sent: Saturday, April 23, 2005 1:34 PM
> To: CF-Talk
> Subject: Re: CrystalTech Users Beware
> 
> On 4/23/05, Jim Davis <[EMAIL PROTECTED]> wrote:
> > Using a hash of the directory ensures to a great degree of certainty that
> > the name won't be accidentally used again.  Adding the salt attempts to
> > ensure that nobody could guess the name easily just by knowing your
> > application path.
> 
> To be honest, if you're really that concerned about security, you
> should get yourself a dedicated server or at least a dedicated server
> instance - both of those prevent snooping into your application scope.
> Enterprise sandbox security helps prevent a number of vectors but if
> you have a determined hacker sharing your physical server, you're
> going to be at some degree of risk. You get what you pay for.

Exactly as I've said before.  You should expect compromise when sharing -
it's just that simple.

But the point isn't to completely secure things - it's to secure things as
best you can on the budget you have.  It's about mitigating risk, not
eliminating it.  It's about, again as best you can with the resources,
eliminating the chance for an honest mistake and reducing the chance of a
dishonest attempt.

Saying "get a dedicated server" is all well and good but a lot of people
don't have the money.  So what can you do with your $20 a month?

Jim Davis




