[nycphp-talk] escapeshellcmd stupidity?

Ajai Khattri ajai at
Sat Jan 3 01:15:58 EST 2009

On Fri, 2 Jan 2009, Allen Shaw wrote:

> I have a shell script that manages my todo list, and I'd like to access 
> it through the Web as well, for convenience when I'm traveling.  ssh is 
> not ideal here, since Web gives me access from any machine without 
> downloading PuTTY, for example.  Basic auth seems enough to protect my 
> todo list from abuse

Unless you're using HTTPS, that security is not sufficient since your 
password will be sent as clear text across an open network...


More information about the talk mailing list