You could use fopen() to connect to the file via ftp therefore keeping
the .htaccess file owned by the user for increased security.
Josh Boughner
On Fri, 3 May 2002, Mike Eheler wrote:
It's possible, but is it really recommended? Wouldn't the
.htaccess/.htpasswd file have to be owned by
Im not exactly sure why that is worse, could you elaborate a little?
Josh
On Fri, 3 May 2002, Miguel Cruz wrote:
Thus leaving the FTP account's password in view of the httpd, which is
even worse...
miguel
On Fri, 3 May 2002, serj wrote:
You could use fopen() to connect to the file
access to an area.
Mike
Serj wrote:
Im not exactly sure why that is worse, could you elaborate a little?
Josh
On Fri, 3 May 2002, Miguel Cruz wrote:
Thus leaving the FTP account's password in view of the httpd, which is
even worse...
miguel
On Fri, 3 May 2002, serj wrote
for any reason is
able to take advantage of some kind of exploit that allows them to view
the source of that file, you're toast. They get ahold of your FTP
password and have free reign on your website.
I'm open to suggestions.
serj wrote:
Being that the files are owned by their respective
4 matches
Mail list logo