Dustin Runnells wrote:
> if (crypt($password,"ab") == "myCryptedPassword") {Sorry to reply to my own post, but now that i look at it, that if should probably actually check if $error has anything. And assuming register globals is off: $PHP_SELF = $_SERVER["PHP_SELF"]; $password = $_POST["password"]; should be in there somewhere. On the bad scale, how bad is it to have iptables in sudoers for the apache user anyway? -- Dustin Runnells [EMAIL PROTECTED] -- http://linuxfromscratch.org/mailman/listinfo/lfs-security FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
