[lug] PHP/files/security
John Starkey
jstarkey at advancecreations.com
Sun Jan 21 09:07:24 MST 2001
Hello all.
Can anyone recommend info on security concerns when using PHP with
includes? The app I'm working on is a user desktop for researching medical
issues and the amount of code with all the accessories would be scrolling
for days but they don't wanna use includes because of the security issues.
I can't see an issue unless the script will be editting files on the
drive. Seems to me that if someone does have file level access and can
upload a maliscous script and incorp it into your PHP files they wouldn't
be wasting their time with this. You've got much bigger trouble on your
hands.
TIA,
John
More information about the LUG
mailing list