From: "Chris W. Parker" <[EMAIL PROTECTED]> > But seriously, why is it such a bad idea? I'd like to finally figure > this out so I don't keep coming up with them (not that I've ever used > any). ;)
I've got to remember back to what the original thread was about... :) The suggestion, iirc, was to pass an MD5() hash of the username and password in a cookie to identify the user. The problem with this is that cookies are sent plain text and can be intercepted. So, anyone intercepting the cookie and finding out the MD5() hash needs only to create a cookie on their own machine with this same hash to now "become" the other user. They don't need to know the actual username or password and you're script wouldn't know the difference. Now, there are some scripts that do this (forums, for example) as a sort of "remember me" feature, but they do it at a trade off for security. Using a method like this is saying that if one user impersonates another, it's not really going to mess up anything on the site, there's not much harm they can do, etc. An impersonated user on a forum may cause a little havoc, but it'd be real TROUBLE if done on a banking site. One way to alleviate some of the security issues is to have the hash unrelated to the username and password and have it change often. That way, even if another user gets it, it's only good for so long. Hope that helps. Contact me offline anytime for more explanation if you want. :) ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
