| From: | Martin Marques <martin(at)bugs(dot)unl(dot)edu(dot)ar> |
|---|---|
| To: | "Cody Phanekham" <Cody(dot)Phanekham(at)salmat(dot)com(dot)au> |
| Cc: | <pgsql-php(at)postgresql(dot)org> |
| Subject: | Re: Securing PHP scripts |
| Date: | 2003-08-19 11:30:27 |
| Message-ID: | 200308190830.28167.martin@bugs.unl.edu.ar |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-php |
El Mar 19 Ago 2003 00:08, escribió:
> I should of mentioned that the server is a dedicated PHP / PostgreSQL
> server, therefore no other user would have access to it.
>
> My only concern is *if* the server gets compromised, then the attacker
> would have access to the DB without too much effort.
IF the attacker compromises your server access, I think there will be other
things to be MORE concern about.
--
Porqué usar una base de datos relacional cualquiera,
si podés usar PostgreSQL?
-----------------------------------------------------------------
Martín Marqués | mmarques(at)unl(dot)edu(dot)ar
Programador, Administrador, DBA | Centro de Telematica
Universidad Nacional
del Litoral
-----------------------------------------------------------------
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Nilson Zegarra Galvez | 2003-08-19 13:13:04 | Postgres connection |
| Previous Message | Gerd Terlutter | 2003-08-19 08:05:55 | Re: Authentication Failure with pg_pconnect |