it's much easier to detect a modification of a script instead of just a "cat
dbconf.php".
Keyser Soze
----Original Message-----
What stops the hacker from doing:
$vars_db = cfg_get("db.cfg");
connect($conf[dbhost], $conf[dbname] , $conf[dbuser] , $conf[dbpass] );
print_r($conf); // or var_dump($conf);
?
> And the encryption method can be changed easily, just doing a new
> libmycrypt.so. Like I said, libmycrypt.so is meant to have the funtionc
> (char *)my_crypt(char *) and (char *)my_decrypt(char *).
> The encryption method will be the user/admin choice.
>
--
Robin Ericsson <lobbin at localhost dot nu>
"The secret of flying is to throw yourself at the ground, and miss."
-- Douglas Adams
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
