Re: [PHP] PHP Security Workbook

2004-08-19 Thread Chris Ditty
Thanks for the article Chris. Printing it out now and will read it later. Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP Security Workbook

2004-08-19 Thread Chris Shiflett
--- John Nichel <[EMAIL PROTECTED]> wrote: > Chris Shiflett wrote: > > This news is a bit old, but I have made the workbook for my > > OSCON tutorial freely available from this URL: > > > > http://shiflett.org/php-security.pdf > > > > It's a 55 page PDF that has a lot of information (more than >

Re: [PHP] PHP Security Workbook

2004-08-19 Thread John Nichel
Chris Shiflett wrote: This news is a bit old, but I have made the workbook for my OSCON tutorial freely available from this URL: http://shiflett.org/php-security.pdf It's a 55 page PDF that has a lot of information (more than the slides) about some of the more important security topics. I hope you

Re: [PHP] PHP Security Workbook

2004-08-15 Thread Octavian Rasnita
Oh thank you for this information. This is very important for me to know. > Yes, this is another thing that I mention in the talk but failed to > include in the workbook. When this approach is being applied to a shared > hosting environment, you want to put the Include directive within a > Virtual

Re: [PHP] PHP Security Workbook

2004-08-15 Thread Chris Shiflett
--- Octavian Rasnita <[EMAIL PROTECTED]> wrote: > I have also read that pdf document and I have found another > interesting advice. > > The author says that a good way of hiding the username/password > is to put a file that exports 2 environment variables in a directory > that can be read only by

Re: [PHP] PHP Security Workbook

2004-08-15 Thread Octavian Rasnita
t; To: "Burhan Khalid" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Sunday, August 15, 2004 4:05 PM Subject: Re: [PHP] PHP Security Workbook > --- Burhan Khalid <[EMAIL PROTECTED]> wrote: > > Most of the stuff was common sense to me (and I was glad I > >

Re: [PHP] PHP Security Workbook

2004-08-15 Thread Chris Shiflett
--- Burhan Khalid <[EMAIL PROTECTED]> wrote: > Most of the stuff was common sense to me (and I was glad I > was doing those things unconsciously). That's good to hear. :-) Most of the people that have heard me give this talk (which is a few hundred now) have realized several vulnerabilities in th

Re: [PHP] PHP Security Workbook

2004-08-14 Thread Burhan Khalid
Chris Shiflett wrote: This news is a bit old, but I have made the workbook for my OSCON tutorial freely available from this URL: http://shiflett.org/php-security.pdf It's a 55 page PDF that has a lot of information (more than the slides) about some of the more important security topics. Nice articl

[PHP] PHP Security Workbook

2004-08-13 Thread Chris Shiflett
This news is a bit old, but I have made the workbook for my OSCON tutorial freely available from this URL: http://shiflett.org/php-security.pdf It's a 55 page PDF that has a lot of information (more than the slides) about some of the more important security topics. I hope you find it helpful. C