hi,
On 6/3/07, Voytek Eymont <[EMAIL PROTECTED]> wrote:
> One reason I have heard is to have DB passwords outside the web root,
> just in case permissions go all weird and are being openly displayed on the
> interweb.
thanks, Simon
yes, that was the reason why I've set it as such in the past;
but, then I look at variety of php apps that are around, and, just about
all of them have includes and db passwords in an inc directory
inside/below web root, so I was thinking, if it's good for them....
many php apps are written this way is so they can run on shared
hosting with no access to any directories below the webroot.
if you have control over the hosting setup, then keeping passwords etc
out of the webroot is a good thing.
cheers
justin
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
