[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
Re: [mv] turn off cc security - ? on enc. file storage
> Now, question: if you /were/ going to save order information in an
> encrypted file on your server but outside the web space - any suggestions
> for a place that is inaccessible by nouser so it could not be hacked?
> FYI, we use Apache with Stronghold. One of the problems I have with
> storing even tracking info is the fact that nouser could read it, so
> there might be a user on our machine (or who gets access to our machine
> via a poorly written CGI script) who could poke around and find that
> file. Comments? Criticisms? Suggestions? Complete implementations with
> your own experience? :-)
Umm... you can always make a file that only gives write permissions
as well... then nouser may be able to add to it or overwrite it, but not
get the info back.
--
Anthony Ball ant@maine.com
MaineStreet Communications, Inc 208 Portland Road, Gray, ME 04039
tel:1.207.657.5078 fax:1.207.657.5048 http://www.maine.com/
