[CLUE-Tech] How safe is it?
Randy Arabie
randy at arabie.org
Sun Nov 3 07:46:24 MST 2002
On Saturday, 2 November 2002 at 4:45:16 -0700, Roger Frank wrote:
> I want to have some content in my /var/www/html directory that
> has restricted access. How safe are these scenarios:
>
> 1. I put it there in a subdirectory with no link and an unlikely
> name, such as /var/www/html/t87mz3q/secret_stuff.
> (I question, for example, if httrack can be set to mirror
> everything, or if one can somehow get to the /var/www/html
> directory and do the equivalent of an `ls` command.)
>
> 2. I put it on a link, such as "Solutions to Student Labs", that
> is password protected, probably using a PHP intermediate page.
> (Here, I'm wondering what can be done with viewing the page
> source and following it. Are PHP or PERL or any password
> page/link protection schemes solid?)
>
> 3. Other scenarios that work, other than "Don't put the data there
> if you don't want it compromised".
>
> Many thanks.
What about using .htaccess password protection on the secret_stuff directory?
--
Allons Rouler!
Randy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://cluedenver.org/pipermail/clue-tech/attachments/20021103/54fc573a/attachment.bin
More information about the clue-tech
mailing list