FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » PHP script to only be accessed by cron
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: PHP script to only be accessed by cron [message #175286 is a reply to message #175281] Wed, 31 August 2011 16:48 Go to previous messageGo to previous message
The Natural Philosoph is currently offline  The Natural Philosoph
Messages: 993
Registered: September 2010
Karma:
Senior Member
Peter H. Coffin wrote:
> On Tue, 30 Aug 2011 19:16:00 -0700 (PDT), jwcarlton wrote:
>>>> I wouldn't mind encoding the page, too, JUST in case I have a root
>>>> breach (not expected, of course, but not impossible). Since I would
>>>> only need to encode one page, once, would it be reasonable to use the
>>>> free trial of Zend Guard? Or would you guys suggest something
>>>> different?
>>> Way, way, way too complicated. Stop thinking "page", start thinking
>>> "script file".
>> I'm not sure that I follow. If a hacker gains root access, I don't
>> want them to be able to go to the cron page and obtain the encryption
>> keys in the page; otherwise, they'll be able to get all of the
>> otherwise nicely secured data.
>>
>> If not Zend Guard, what else do you recommend?
>
> If an attacker gets root access, inside the system, the attacker has the
> encryption keys, no matter where you bury them. Might as well make sure
> that nobody can get them from *outside* the system, which you can
> actually do something about.
>

well yes and no. If they are hard coded in a compiled program, at least
without serious dissassembly they can only be used as that program
intended, not generically.

In the similar way that reading /etc/passwd doesn't actually tell you
want the password was, though it gives you a great chance of a brute
force attack on it succeeding.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: php help
Next Topic: Newbie: very basic jquery drag drop
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Tue Nov 26 04:49:56 GMT 2024

Total time taken to generate the page: 0.04050 seconds