NYCPHP Meetup

[nycphp-talk] server-writable php files

Allen Shaw ashaw at polymerdb.org
Fri Jun 9 17:07:54 EDT 2006


Yeah, that's right.  Guess I was thinking too narrowly.  Thanks.

- Allen

Ken Robinson wrote:
> At 04:51 PM 6/9/2006, Allen Shaw wrote:
> 
>>1. Create the file
>>2. store md5 checksum of in database
>>3. compare stored checksum and actual file checksum anytime before
>>running the file later.
>>
>>No?
> 
> 
> That might be fine for files you create, but what is going to stop a 
> malicious person who finds the directory, put his own scripts into 
> it, and causes havoc to your server or the web and you won't even 
> know he's there until too late.
> 
> Ken 
> 
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
> New York PHP Conference and Expo 2006
> http://www.nyphpcon.com
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
> 


-- 
Allen Shaw
Polymer (http://polymerdb.org)



More information about the talk mailing list