2008/5/16 Ian P. Christian <[EMAIL PROTECTED]>: >> i usually secure this file use apache capabilities. > This doens't provide any 'out of the box' security - which I feel is > important.
If you want to secure things at that level, then we should also think about people who make their documentroot as the root of the symfony project, or people allowing HTML in their public comment forms, etc... To me, this part sould be left to the developer responsability. Symfony cannot secure every people applications by default, as every developer have its own weaknesses or misknowledges. Anyway to answer your base question, I personnaly do use the symfony sync task and the rsync_exclude file where I put the *_dev.php files, so these file cannot be published on remote servers. ++ -- Nicolas Perriault http://prendreuncafe.com - http://symfonians.net - http://sensiolabs.com Phone: +33 660 92 08 76 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
