|
Posted by Johannes Findeisen on 03/27/05 21:14
Hello,
It is generally not a good idea to make scripts to everybody writeable. I
think that if you're implementing auto-update features in PHP scripts they
only could be insecure. Okay, you have one more feature but what if this
feature goes out of control? Be really carefull when writing such
applications. Maybe there are nice and secure solutions which maybe work but
you really should set a focus on security.
More info:
http://www.php.net/manual/en/function.chmod.php
Regards
hanez
On Sunday 27 March 2005 19:08, Evert - Rooftop Solutions wrote:
> Hi people,
>
> I'm trying to think of a way to make an auto-updater for my distributed
> scripts. If I wanted to do this, I'd have to give write access to the
> php scripts to the apache user or world.
> Everywhere I read that you shouldn't to that, but I'm thinking that if
> you script your stuff right, there shouldn't be any problem. The
> numerous places I read that I shouldn't do that gives me certain doubts
> though.
>
> any comments on this?
>
> regards,
> Evert
>
> --
> Rooftop Solutions - Web Applications on Demand
> tel. (+31)628962319 fax. (+31)842242474
> http://www.rooftopsolutions.nl
--
# Johannes Findeisen
[Back to original message]
|