The recent thread on security has prompted me to think about
security in a shared server environment. I want to see if my
understanding is correct ...
Let's say I am in a shared server environment & the provider does
NOT have safe_mode turned on. In that case, it seems to me that
it is "insecure" to keep "secrets" (e.g., DB passwords) in a PHP
file that is executed by the server.
I say this because any other users of that shared host can read
the PHP file & obtain the secret. There does not seem to be any
way around this (once again, I am assuming safe_mode is NOT
Am I correct?
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php