Posted by IWP506 on 11/24/87 11:27
Han wrote:
> Our app runs on end-users machines (apache2.x + php5). At this moment
> it is quite easy for someone (who has access to the console) to insert
> a couple lines of php code to steal sensitive info.
>
> Is there a way to check the integrity of the php and javascript code by
> using digital signatures/simple hash/etc. ?
>
> What do you do to verify that your code has not been changed by someone
> else and everything is leaked to a rogue site?
>
> Thanks for your help
> -Han
the md5 of the files would change completly if it was tampered with at
all.
you can use the php 'md5("path/to/file")' function to check the
integrity of files through php.
hope this helps.
iwp
Navigation:
[Reply to this message]
|