PerlMonks

Re: Re: Re: Does fatalsToBrowser give too much information to a cracker?

by tachyon (Chancellor) on Apr 10, 2002 at 14:46 UTC ([id://158034])
Sure, so you should use ? placeholders. With fatalsToBrowser active a *creative* user will probably get an informative error after submitting the first name. Then such a user might get the entire customer database. Thanks for coming....

Security is all about hurdles, depth and vigilance. You need to accept that nothing can ever be 100% secure. You attempt to make it more trouble than it is worth to breach your security. Just as you would be unwise to publish the wiring diagram for your alarm system, so too you are unwise to (widely) advertise your source code. Of course code reviews like those offered by merlyn are a good idea (if you trust him ;-)

cheers

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print
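The two points in the post above (bind user input to `?` placeholders, and keep error detail out of the browser) shown together as an added example; this is not code from tachyon's post or from the thread. It assumes DBI with DBD::SQLite is installed, and the table, the sample rows and the helper names `find_customer` and `safe_response` are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Constructed sample data: an in-memory SQLite table standing in for the
# customer database mentioned in the post (assumes DBD::SQLite).
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });
$dbh->do('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)');
$dbh->do('INSERT INTO customers (name) VALUES (?)', undef, $_)
    for ("O'Brien", 'Smith');

# Hypothetical lookup: the value is bound to the ? placeholder, so a quote
# in the name stays data and never becomes part of the SQL text.
sub find_customer {
    my ($name) = @_;
    my $sth = $dbh->prepare('SELECT id, name FROM customers WHERE name = ?');
    $sth->execute($name);
    return $sth->fetchall_arrayref({});
}

# Hypothetical replacement for fatalsToBrowser: the full error goes to STDERR
# (the web server's error log under CGI); the browser gets a reference id only.
sub safe_response {
    my ($code) = @_;
    my $body = eval { $code->() };
    if (my $err = $@) {
        my $ref = sprintf '%08x', int(rand(0xffffffff));
        print STDERR "[$ref] $err";
        return "Status: 500 Internal Server Error\r\n"
             . "Content-Type: text/plain\r\n\r\n"
             . "An error occurred. Reference: $ref\n";
    }
    return "Content-Type: text/plain\r\n\r\n$body";
}

# Normal request: a name containing a quote is handled as plain data.
print safe_response(sub {
    my $rows = find_customer("O'Brien");
    return join '', map { "$_->{id}: $_->{name}\n" } @$rows;
});

# Failing request: the DBI error text is logged, not sent to the client.
print safe_response(sub {
    $dbh->selectall_arrayref('SELECT * FROM no_such_table');
});
```

The reference id lets an administrator match a user's report to the logged error without the response revealing SQL text, file paths or line numbers.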