Reply to Re: Is there a way to verify integrity of php/javascript code

Your name:

Reply:


Posted by Gordon Burditt on 09/26/35 11:27

>> Our app runs on end-users machines (apache2.x + php5). At this moment
>> it is quite easy for someone (who has access to the console) to insert
>> a couple lines of php code to steal sensitive info.
>>
>> Is there a way to check the integrity of the php and javascript code by
>> using digital signatures/simple hash/etc. ?
>>
>> What do you do to verify that your code has not been changed by someone
>> else and everything is leaked to a rogue site?
>>
>> Thanks for your help
>> -Han
>
>the md5 of the files would change completly if it was tampered with at
>all.
>
>you can use the php 'md5("path/to/file")' function to check the
>integrity of files through php.

Until, of course, someone modifies their copy so that the path/to/file
points at an *unmodified* copy which is never run but is only used
to pass the integrity check.

Gordon L. Burditt

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация