ok, great. Thanks guys.
>You can also use cfinclude and cfsavecontent to read the file, which is
>faster.
>
>-Original Message-
>From: Rob Wilkerson [mailto:[EMAIL PROTECTED]
>Sent: 30 October 2006 20:00
>To: CF-Talk
>Subject: Re: best practices for encryptio
You can also use cfinclude and cfsavecontent to read the file, which is
faster.
-Original Message-
From: Rob Wilkerson [mailto:[EMAIL PROTECTED]
Sent: 30 October 2006 20:00
To: CF-Talk
Subject: Re: best practices for encryption
On 10/30/06, daniel kessler <[EMAIL PROTECTED]>
On 10/30/06, daniel kessler <[EMAIL PROTECTED]> wrote:
> How do you read something that is above web root?
> And to destroy it, do you just stick it in a var then overwrite the var with
> when done?
Using CFFILE and supplying an absolute path. The content of the file
is simply the value of the
How do you read something that is above web root?
And to destroy it, do you just stick it in a var then overwrite the var with
when done?
>I recently had the same situation come up and ended up choosing the
>security-by-obscurity approach. I generated a key as you did and
>stored it in a fi
On 9/25/06, Rob Wilkerson <[EMAIL PROTECTED]> wrote:
> I generated a key as you did and
> stored it in a file outside of the web root. I read the key as
> needed and destroy it to keep it out of memory.
I should mention that I only store stuff in Application.cfm when I am
not working with anythin
I recently had the same situation come up and ended up choosing the
security-by-obscurity approach. I generated a key as you did and
stored it in a file outside of the web root. I read the key as
needed and destroy it to keep it out of memory. I'd be interested in
how others handled this
[EMAIL PROTECTED]
> Sent: Monday, September 25, 2006 5:12 PM
> To: CF-Talk
> Subject: Re: best practices for encryption
> Importance: High
>
> On 9/25/06, Ray Champagne <[EMAIL PROTECTED]> wrote:
> > I was
> > more worried about where and how to store the gene
On 9/25/06, Ray Champagne <[EMAIL PROTECTED]> wrote:
> I was
> more worried about where and how to store the generated key to decrypt the
> data "on the other side".
That right there is the weak link in the chain no matter what you do.
Someone can hack the box and get that key, and at that point t
ssage-
> From: Matt Robertson [mailto:[EMAIL PROTECTED]
> Sent: Monday, September 25, 2006 4:49 PM
> To: CF-Talk
> Subject: Re: best practices for encryption
>
> The correct answer to your question really depends on the specifics of
> the job at hand. If, for example, you are s
> Sent: Monday, September 25, 2006 4:49 PM
> To: CF-Talk
> Subject: Re: best practices for encryption
>
> The correct answer to your question really depends on the specifics of
> the job at hand. If, for example, you are storing account login
> passwords I would say that a s
The correct answer to your question really depends on the specifics of
the job at hand. If, for example, you are storing account login
passwords I would say that a salted hash is a mighty good option, if
not the best. But that won't work for a lot of things.
What are you up to?
--
[EMAIL PROTE
If you use Encrypt, you will need the same key to Decrypt the data back.
There are multiple types of encryption that CF supports, so you may want to
research into which one fits you best.
You may want to look up the ideas of adding an additional string to your
encryption. A good idea is to have
12 matches
Mail list logo
