[lug] PHP/files/security
John Starkey
jstarkey at advancecreations.com
Sun Jan 21 12:32:13 MST 2001
> What security issues w/ include files? If PHP is properly configured,
> and you reasonably keep up with PHP releases there aren't any.
I'm not sure. We'll be working together later today. i'll ask her what
she's specifically talking about. Like I said, the way I see it is the
only reasonable concern is when someone has access to the files.
John
> On Sun, Jan 21, 2001, at 10:07:24 AM John Starkey <jstarkey at advancecreations.com> wrote:
> --------------------------------------------------
> Hello all.
>
> Can anyone recommend info on security concerns when using PHP with
> includes? The app I'm working on is a user desktop for researching medical
> issues and the amount of code with all the accessories would be scrolling
> for days but they don't wanna use includes because of the security issues.
>
> I can't see an issue unless the script will be editting files on the
> drive. Seems to me that if someone does have file level access and can
> upload a maliscous script and incorp it into your PHP files they wouldn't
> be wasting their time with this. You've got much bigger trouble on your
> hands.
>
>
> TIA,
>
> John
>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>
> ------------------------------------------------------------------
> You've received MurlMail! -- FREE, web-based email, accessible
> anywhere, anytime from any browser-enabled device. Sign up now at
> http://murl.com
>
> Murl.com - At Your Service
>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>
More information about the LUG
mailing list