[svlug] Privacy issue with my php solution...

Sarah Newman newmans at sonic.net
Sat Sep 5 17:24:45 PDT 2015


On 09/05/2015 05:21 PM, Michael Robinson wrote:
> I found out that I can create a table in php by reading a database if
> the php files on the server are readable and executable by the whole
> world.  Trouble is, that reveals the database password.  While the
> database I'm using is not accessible from the Internet, this still
> isn't particularly good.  Is there another way to solve this that
> doesn't involve revealing the database password to the world?

I think you can include another php file that isn't world readable.




More information about the svlug mailing list