| Re: PHP script to only be accessed by cron [message #175299 is a reply to message #175265] |
Thu, 01 September 2011 10:42  |
Denis McMahon
Messages: 634
Registered: September 2010
Karma:
|
Senior Member |
|
|
On Tue, 30 Aug 2011 17:23:06 -0700, jwcarlton wrote:
> I'm writing a PHP script that I want to ONLY be accessed by a predefined
> cron. Can you guys suggest a way to prevent non-cron accesses?
>
> I wouldn't mind encoding the page, too, JUST in case I have a root
> breach (not expected, of course, but not impossible). Since I would only
> need to encode one page, once, would it be reasonable to use the free
> trial of Zend Guard? Or would you guys suggest something different?
You can't prevent non cron access, because root can do anything.
You could create a special user account that was prevented from
interactive login, make your script only readable by this user, and
execute the cron job as this user.
That's probably the best you can do unless you also encrypt the hard
drives.
First of all, you need to assess how much security you actually want /
need. If you really want your data to be secure, then you need to put the
computer in a faraday caged vault with no external data lines and
filtered power supplies.
Then you only need to worry about the integrity of the people who have
access to the vault.
Rgds
Denis McMahon
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]