On Jan 5, 2008 11:20 AM, Afan Pasalic <[EMAIL PROTECTED]> wrote:
> That was my thought too, but, when I create new folder - it will
> automatically create php.ini inside and there is no point of deleting them.
>
> HOW insecure it is? Because, since you know there is php.ini you can
> easy open every of them (http://mydomain.com/gallery/images/php.ini) and
> look. Isn't is vulnerable point?
Using .htaccess you can disallow viewing of the file.
If you use phpinfo(); anywhere in your site, that actually
divulges more information, because that will disclose the availability
and configuration of external modules, users on the server, path
information, and more.
--
Daniel P. Brown
[Phone Numbers Go Here!]
[They're Hidden From View!]
If at first you don't succeed, stick to what you know best so that you
can make enough money to pay someone else to do it for you.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
