[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Phptest-users] security

From: Martin Snell
Subject: [Phptest-users] security
Date: Tue, 9 Sep 2003 10:15:50 +0100

I am seriously impressed with Phptest and am preparing to use it next month. Thanks for this! 
However, I am just wondering about the security side of things. I have read the suggestion somewhere in these pages to keep the priveleges of the MySql user's name down to 'select, insert, update and delete' but what about the Phptest 'include' directory and files, which currently reside by default in the public_html area. The config file in particular contains the MySql password etc. Although not directly viewable (??) is this a real security risk, in these days, or am I just paranoid? I assume I could move these files outside the public directory tree, if I found out where they were called from, and made suitable adjustments? Would this be worthwhile or is the current set-up pretty robust?
Martin Snell

reply via email to

[Prev in Thread] Current Thread [Next in Thread]