NYCPHP Meetup

NYPHP.org

[nycphp-talk] Basic security question

Daniel Convissor danielc at analysisandsolutions.com
Sat Jul 17 09:18:53 EDT 2004 

On Fri, Jul 16, 2004 at 11:47:30PM -0700, Chris Shiflett wrote:
> 
> but if you're concerned about giving away too
> much information, I think error messages are the first place to be
> looking.

Good advice too.  The errors display the full path to a file.  This can 
help crackers learn about you system's configuration and use that info 
when leveraging exploits.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409

More information about the talk mailing list