ible
to make your system "reasonably secure".
Am I missing something?
Dean
-Original Message-
From: Matthew Toledo [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 21, 2001 8:44 AM
To: [EMAIL PROTECTED]
Subject: [PHP-INST] Blatant PHP security issues
I recently just
> I have looked around the web and have yet to find a good tutorial on how to
> enable SuEXEC to work with PHP.
>
Use the CGI version.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org
Cl
I personally don't see this as a major problem, ASP and Cold Fusion do
things the same way. If you work the security end of things correctly,
people shouldn't be able to see your config file that you can include from
somewhere else . . . that people can't see or have a mimetype returned
properly.
I recently just started using PHP. While it is easy to use, their are some
very frightening security issues that I can't believe more people aren't
complaining about. Security issues that should scare any sane programmer
from using PHP. For instance, PHP scripts have to be world readable. Which
