Posted by Han on 11/22/65 11:27
Our app runs on end-users machines (apache2.x + php5). At this moment
it is quite easy for someone (who has access to the console) to insert
a couple lines of php code to steal sensitive info.
Is there a way to check the integrity of the php and javascript code by
using digital signatures/simple hash/etc. ?
What do you do to verify that your code has not been changed by someone
else and everything is leaked to a rogue site?
Thanks for your help
-Han
Navigation:
[Reply to this message]
|