|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
December 17th, 2000, 02:52 PM
|
|||
|
|||
|
I have a client that brought to my attention a very interesting problem.
If he has a website (www.domain.com) and he has a php page on it (order.php) that connects to the database. He has the user and pass in the page. ok. This is a linux server. It seems that another person on the server could just figure out what directory he is in. Then just do "vi order.php" so they could read the user and pass and then connect to the database and steal information. or even steal the scripts I hope I explained this ok. Does anybody have a solution to this? I sure hope so. Visit http://phphost@mybizhosting.com for great deals ------------------ Adam Kling President MyBizHosting http://www.mybizhosting.com Everybody that signs up with us becomes a reseller. Get additional accounts at discount!
|
|
#2
December 21st, 2000, 07:58 AM
|
|||
|
|||
|
this is a problem,
he will have to set up the permissions on his files very carefully, take into account what group he is in (as other users) and what user your webserver runs as (group(s) its in), ------------------ http://plebian.com
|
|
| Viewing: Dev Shed Forums > Web Hosting > Web Hosting > PHP shared server security |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
