Reply to Re: free tool to encrypt php?

Your name:

Reply:


Posted by Michael Fesser on 10/21/07 20:55

..oO(Jerry Stuckle)

>Gary L. Burnore wrote:
>>
>> Security is about many things of which prevention is one.
>
>No responsible person in the security field will ever claim that.
>
>There is no such thing as "prevention". That would indicate that
>something can't happen, which is impossible to do.

If a file is stored outside the document root, it can't be accessed by a
URL. That's prevention.

If you allow the user to submit a value out of [1, 2, 3] to a form
processing script and check it against the set of allowed values, they
can't inject a 4. That's prevention.

>For instance, banks have been trying to prevent robberies for hundreds
>of years. Nowadays they have CCTV, armed guards, vaults, silent
>alarms... the list goes on. But they still get robbed. Because there
>is no "prevention".

There are things that _can_ be prevented and there are things were you
can just lower the probability of it to happen.

Micha

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация