On Wed, 11 Aug 2004 01:12:40 +0800, Jason Wong <[EMAIL PROTECTED]> wrote: > On Wednesday 11 August 2004 00:48, Justin Patrin wrote: > > > I don't see how it would be a security problem. They probably just > > don't understand and think you want FTP access to the server. > > Huh? Isn't FTP the usual mechanism for accessing your shared hosting space? >
It may be. It shouldn't be, though. SFTP at the very least. Getting someone's FTP login is pretty easy compared to something secure. > > Allowing > > outbound FTP is only an issue if people sniff the network because they > > can see your login in plaintext. > > Actually any plain old ftp is subject sniffing. A better solution is to use > chrooted ssh accounts. There are enough clients out there which supports file > transfers over ssh to make this practical. I realize that any FTP can be sniffed. I was speaking to his host not wanting to allow the FTP command on the server, which would mean outgoing FTP requests. Yes, it should all be SSL based. > > -- > Jason Wong -> Gremlins Associates -> www.gremlins.biz > Open Source Software Systems Integrators > * Web Design & Hosting * Internet & Intranet Applications Development * > ------------------------------------------ > Search the list archives before you post > http://marc.theaimsgroup.com/?l=php-general > ------------------------------------------ > /* > He who attacks the fundamentals of the American broadcasting industry > attacks democracy itself. > -- William S. Paley, chairman of CBS > */ > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > !DSPAM:411906b964891092692678! > > -- DB_DataObject_FormBuilder - The database at your fingertips http://pear.php.net/package/DB_DataObject_FormBuilder paperCrane --Justin Patrin-- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
