I'm curious as to how the "hacker" would see all this information (the
username.. password, etc..) just by going to a site where the SQL backend
was down?
Ryan
> -----Original Message-----
> From: BRACK [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 07, 2001 12:36 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] MySQL connection
>
>
> I just wanned to bring the issue of security of MySQL connection:
>
> Let us imagine that SQL server was down for some hours (of
> course without us knowing it) and at the same hours our SQL site
> was visited by some kind of hacker, he can see on his screen all
> our SQL connection info like username, password, and database
> name. You may hide this information in different file than the file
> that your users open then the hacker will see something like
> "include("connect.inc");" or "require("connect.inc");" (of course IF
> server is down). So you may only imagine the consequences of
> this visit of the hacker. What can we do to protect our sensitive
> information if SQL server is down?
>
> Youri
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
