Posted by Jerry Stuckle on 01/08/07 13:19

cbmeeks wrote:
> I'm a PHP newbie.
>
> I am writing an application that will access a third party (S3 from
> Amazon). I am working with some class files and I need to access my
> secret userid/password.
>
> If I put those in a source code file, the average browser can't view
> the data (as far as I know) but what would stop some system admin from
> viewing my files?
>
> In other words, I have a file called info.php and within it I have:
>
> $userid = 'myuser';
> $pass = 'mypass';
>
> That would easily be visible to a system admin.
>
> Even if I encrypt the data don't I have to store the decryption key
> somewhere?
>
> How do you guys and gals handle it?
>
> Thanks!
>
> cbmeeks
> http://www.codershangout.com
>

If you can't trust your sysadmin you have bigger problems than a
possible compromised password.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

[Back to original message]