On 04/03/2007 07:35 AM, Roberto Mansfield wrote:
So is anyone doing anything to protect plain text passwords in the
filesystem?
Yeah, I make sure people I don't want reading the passwords don't get
into the filesystem. :)
-Micah
--
PHP Database Mailing List (http://www.php.net/)
To unsu
Stut wrote:
> Roberto Mansfield wrote:
>> Bastien Koert wrote:
>>> store your password/access credentials outside the web root and use php
>>> to read the data in.
>>
>> This is good for web attacks, but I'm thinking of an account break in
>> where someone is accessing files directly on the server.
Roberto Mansfield wrote:
Bastien Koert wrote:
store your password/access credentials outside the web root and use php
to read the data in.
This is good for web attacks, but I'm thinking of an account break in
where someone is accessing files directly on the server.
I suggest you think about
Bastien Koert wrote:
> store your password/access credentials outside the web root and use php
> to read the data in.
This is good for web attacks, but I'm thinking of an account break in
where someone is accessing files directly on the server.
> Another alternative is to wrap those items in a
>
store your password/access credentials outside the web root and use php to
read the data in. Another alternative is to wrap those items in a function
and check the calling source to make sure its only your application
hth
Bastien
From: Roberto Mansfield <[EMAIL PROTECTED]>
To: php-db@lists.
