Posted by Han on 10/08/61 11:27
After long discussions here and through the help of the people in this
board as well, here is what we are going to do. I hope this helps other
people who would deploy a PHP based solution on users' desktops.
1. We'll make the files read-only (execute-only won't work, right?)
2. We'll move all password related questions to compiled code
(C/C++). We'll make this non-browser based, so the user is not subject
to a simple phishing attack.
3. At the time when the password is asked (before or after), the
compiled code will go over the PHP installation and check the md5 (or
sha1) of all the PHP/JavaScript code.
4. If there is no mismatch, the password is passed to PHP.
There is only one question we couldn't answer at this moment, which is
the following: which files do we need to check?
Is PHP monotonic? By that we mean: does adding a file to a directory
change the behavior of PHP? If the compiled program checks only the
files we created (PHP/JavaScript), is it possible for someone to insert
a file in our directory to change the behavior of PHP? Is there a file
that I can create that redirects PHP to a different directory?
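The integrity check in steps 3 and 4, as an added example that is not part of the original post: it records a manifest of every file under the installation, then reports modified, missing and unexpected files, so a file dropped into the directory is caught as well as a changed one. It uses SHA-256 rather than the MD5/SHA-1 the post mentions, and the sample installation and the tampering it detects are constructed inline.

```python
import hashlib
import tempfile
from pathlib import Path


def file_digest(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large files are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every regular file under root (relative POSIX path) to its digest."""
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            manifest[path.relative_to(root).as_posix()] = file_digest(path)
    return manifest


def verify_tree(root: Path, manifest: dict) -> dict:
    """Compare the tree against the manifest; every list empty means intact."""
    current = build_manifest(root)
    return {
        "modified": sorted(p for p in manifest if p in current and current[p] != manifest[p]),
        "missing": sorted(p for p in manifest if p not in current),
        # files present on disk but absent from the manifest (e.g. a dropped-in file)
        "unexpected": sorted(p for p in current if p not in manifest),
    }


def tree_is_intact(root: Path, manifest: dict) -> bool:
    """Gate for step 4: only release the password when nothing differs."""
    return not any(verify_tree(root, manifest).values())


def demo() -> dict:
    """Constructed sample installation: verify clean, then after tampering."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "login.php").write_text("<?php echo 'login'; ?>")
        (root / "js").mkdir()
        (root / "js" / "app.js").write_text("console.log('app');")
        manifest = build_manifest(root)
        clean = tree_is_intact(root, manifest)
        # constructed tampering: one file edited, one extra file added
        (root / "login.php").write_text("<?php echo 'changed'; ?>")
        (root / "unexpected.php").write_text("<?php /* constructed */ ?>")
        return {"clean": clean, "report": verify_tree(root, manifest)}
```

The manifest itself must live somewhere the user cannot edit (inside the compiled binary or a signed file), otherwise it is just another file to tamper with.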