Reply to Re: Key-passing from PHP to TCL CGI script - how is it done (web security issue)?

Your name:

Reply:


Posted by Steve on 11/26/86 11:28

> It would function, yes, but I don't see how that would offer any form
> of protection as the hacker would still have access to the TCL CGI
> script with his/her original HTML cached page. I guess I am unclear as
> to how this would tighten things up.

It depends on whether your setup allows you to store files in
directories other than your web root folder and below.

If the TCL script can be stored and executed outside of your web
there's no direct access to it from a browser.

For instance, my host has a fairly common setup where the web root
folder is

/home/steve/web/

but I can create folders in /home/steve that are outside the web.


---
Steve

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация