[KLUG Members] database programming question
Adam Tauno WIlliams
adam at morrison-ind.com
Tue Jun 22 16:07:45 EDT 2004
> > Practically speaking, once a MySQL database is created with a
> > couple of logons, I can put up PHPMyAdmin and run major
> > websites without ever again using a shell. That's ease of use.
> I worry a bit about PHPMyAdmin...
> http://www.gentoo.org/security/en/glsa/glsa-200402-05.xml
> That was fixed in February, but since then, there's also been
> a security fix about "cookie hijacking" or something. Best
> if you can make sure your PHPMyAdmin server runs only on an
> internal network, I think...
Can you do things like 'cookie hijack' from an SSL connection? I
thought cookie jacking was actually a service-side exploitation of a
browser bug. ??
Browsers should share cookies from one site with another site (or so
I've been told).
> For the record, the "P" in "LAMP" stands for either PHP or Perl,
> your choice. :)
Don't forget Python!
More information about the Members
mailing list