I never wanted this question to be an offense for anyone. I thank you all
for your answers.

Regards
PHPLover

Lux <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> It's unlikely I suppose, but there's a must-have book you should look at
> if you want info on hacks, including browser hacks (Hacking Exposed:
> Network Security Secrets and Solutions, 2nd Edition).  The cookie hack
> that comes to mind only works in IE or MS products (but that's only
> what, 90% of the web), but all it is is a line or so of html code that
> somebody places on their site (say in an iframe...) that sends them all
> your cookie data (if the user uses outlook, they can also just place it
> in an email).  from there, they use the cookie data to pose as that
> person on various sites trying to gain sensitive info.  but if you're
> already giving them the password, how much more sensitive can you get?
>
> so really, if they don't close their browser for a while, this
> possibility increases.  and it may be a slim possibility, but it's
> better to be safe than sorry.
>
> later
>
> lux
>
> > Well .. I am ... nobody but the user itself can see the login and
> > password in the cookie. Unless it's on a non-SSL connection and somebody
> > is packet-sniffing around. Otherwise there would be no leak for somebody
> > else to get this information, is there?
> >
> > And if the user doesn't logout, the cookie is still destroyed when the
> > browser is closed anyway.
> >
> > Eelco.
>
>
> --
>
> John Luxford
> Simian Systems
>
> w: www.simian.ca
> e: [EMAIL PROTECTED]
> p: 204.946.5955
>
> --
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
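
An added example, not part of the original thread: instead of the login and password the thread talks about keeping in the cookie, the cookie below carries only a random, expiring session token that the server maps back to the user. The function names, the in-memory store and the user id are constructed for illustration; the options-array form of `setcookie()` assumes PHP 7.3 or later.

```php
<?php
declare(strict_types=1);

// Issue a session: the cookie value is a random token, never the credentials.
// $store is a constructed in-memory stand-in for a database or cache table.
function issue_session(array &$store, string $userId, int $now, int $ttl = 1800): string
{
    $token = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    // Keep only a hash server-side, so a leaked session table yields no usable tokens.
    $store[hash('sha256', $token)] = ['user' => $userId, 'expires' => $now + $ttl];
    return $token;
}

// Cookie attributes that narrow where the token travels and who can read it.
function cookie_options(int $expires): array
{
    return [
        'expires'  => $expires,
        'path'     => '/',
        'secure'   => true,     // sent over HTTPS only, so it is not visible to a packet sniffer
        'httponly' => true,     // not exposed to script running in the page
        'samesite' => 'Strict', // not attached to requests initiated by another site
    ];
}

// Resolve a presented token to a user id, or null if unknown or expired.
function lookup_session(array &$store, string $token, int $now): ?string
{
    $key = hash('sha256', $token);
    if (!isset($store[$key])) {
        return null;
    }
    if ($store[$key]['expires'] <= $now) {
        unset($store[$key]); // expiry is enforced server-side, even if the browser stays open
        return null;
    }
    return $store[$key]['user'];
}

// Demonstration with constructed values (runs from the command line).
$store = [];
$now   = 1000000;
$token = issue_session($store, 'user-42', $now);
// In a web request: setcookie('sid', $token, cookie_options($now + 1800));
var_dump(lookup_session($store, $token, $now + 60));
var_dump(lookup_session($store, $token, $now + 3600));
```

A token copied from the browser stops working once the server-side entry expires or is deleted at logout, and it never reveals the password itself.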


