[nycphp-talk] server-writable php files
ashaw at polymerdb.org
Fri Jun 9 17:07:54 EDT 2006
Yeah, that's right. Guess I was thinking too narrowly. Thanks.
Ken Robinson wrote:
> At 04:51 PM 6/9/2006, Allen Shaw wrote:
>>1. Create the file
>>2. store md5 checksum of in database
>>3. compare stored checksum and actual file checksum anytime before
>>running the file later.
> That might be fine for files you create, but what is going to stop a
> malicious person who finds the directory, put his own scripts into
> it, and causes havoc to your server or the web and you won't even
> know he's there until too late.
> New York PHP Community Talk Mailing List
> New York PHP Conference and Expo 2006
> Show Your Participation in New York PHP
More information about the talk