Posted by Jerry Stuckle on 10/27/06 12:38
TheTeapot wrote:
> Rik wrote:
>
>>R K wrote:
>>
>>>Rik wrote:
>>>
>>>>R K wrote:
>>>>
>>>>>Then I'd have to reboot the server for every change, not interested
>>>>>in that. Already short on time and this is not my real job.
>>>>
>>>>Well, there's security and there's the illusion of security. Good
>>>>luck.
>>>
>>>It's worked for me so far. Gold plating every damn thing hasn't.
>>>Back at ya.
>>
>>Hmmmf.
>>Last piece of advice:
>>if you have different users, different user-dirs, but want to apply
>>unoverridable settings to every dir:
>>http://httpd.apache.org/docs/2.0/mod/mod_userdir.html
>>http://httpd.apache.org/docs/2.0/howto/public_html.html
>>
>>And check AllowOverride
>>
>>For more information: alt.apache.configuration
>>--
>>Rik Wasmus
>
>
> Rather than an upload directory, it has been set up to use the user's
> "Sites/" folder.
>
> I think that the end solution will be to point out that few students
> will know how to code and use the PHP on the system, and none of the
> students I know can actually use PHP to hack a server.
>
> The other thing is that it isn't part of the Internet, only the
> school's Intranet.
>
> Thanks everyone, I'll see how I go tomorrow.
>
(Top posting fixed)

I agree with Moot. Students are much smarter and more capable than you
think. Some of them may have been doing PHP for several years - and
would know a lot more than you do.

If you don't know how to properly secure your system you are not only
looking for trouble - you're opening the door wide and putting a huge
"Welcome" mat on the porch.

And what's it going to cost your school in attorney's fees, reputation,
etc. if someone hacks the grades database? Or gets a list of SSNs, etc.?

If you can't secure it properly, don't have *any* access to anything
private available. Better yet, don't allow students on the system in
the first place. Set up a different server for them which is isolated
from the rest of the school's network.

P.S. Please don't top post. Thanks.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
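
The mod_userdir and AllowOverride advice quoted above, sketched as an httpd.conf fragment. This is an added example, not configuration posted by anyone in the thread; the /Users/*/Sites path, the user name "alice", and the use of mod_php are assumptions.

```apache
# Added example. Paths and the user name "alice" are assumptions.

# Map http://server/~user/ to each user's Sites/ folder.
UserDir Sites
# Never serve root's home directory through /~root/.
UserDir disabled root

# Weak setting, shown for contrast: any student can change server
# behaviour for their own directory by dropping in a .htaccess file.
# <Directory /Users/*/Sites>
#     AllowOverride All
# </Directory>

# Settings applied to every user directory. With AllowOverride None,
# .htaccess files are ignored, so users cannot override any of this.
<Directory /Users/*/Sites>
    AllowOverride None
    # No CGI, no server-side includes, no symlink following, no listings.
    Options None
    Order allow,deny
    Allow from all
</Directory>

# Per-user PHP confinement (assumes mod_php is loaded). Values set with
# php_admin_value cannot be changed from .htaccess or ini_set().
# The * wildcard cannot insert the user name, so one block per user.
<Directory /Users/alice/Sites>
    php_admin_value open_basedir /Users/alice/Sites/
</Directory>
```

Changes to httpd.conf take effect after a graceful restart of Apache (`apachectl graceful`), not a reboot of the server.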