List:General Discussion« Previous MessageNext Message »
From:Mitchell Wright Date:October 25 2002 3:56pm
Subject:Re: phpmyadmin (OT)
View as plain text  
Hrm.

Yes, php can be vulnerable, but I was more worried about phpmyadmin and the
potential of direct access to my databases.

This particular server runs red hat 7.3, and they bundle php with their
distro. They also patch everything in their distros fairly regularly and I
subscribe to their update services, I feel fairly secure in their offerings.

I was mostly fishing for any horror stories out there from people that
installed phpmyadmin and were hacked because of it. I like the convenience,
but am not willing to sacrifice security. I am however willing to run php,
so the security concern is purely with phpmyadmin.

Any advice would be most appreciated,

Mitchell

On 10/25/02 11:47 AM, "Thomas Seifert" <ts77@stripped> wrote:

> I don't want to start a flame but where do take this from?
> Every security-hole in php has been fixed shortly after it was known.
> 
> Its as secure as any other server-side scripting-language in the web.
> 
> 
> Thomas
> 
> On Fri, 25 Oct 2002 10:40:32 -0500 "Ed Carp" <erc@stripped> wrote:
> 
>> PHP itself is not secure unless special steps are taken to secure it, and
>> even then it's no guarantee.  There have been several exploits published
>> against PHP, and a few of them have been root exploits.  I avoid PHP when I
>> can, especially on shared servers.
>> 
> 
> sql, query
> 
> ---------------------------------------------------------------------
> Before posting, please check:
>  http://www.mysql.com/manual.php   (the manual)
>  http://lists.mysql.com/           (the list archive)
> 
> To request this thread, e-mail <mysql-thread123231@stripped>
> To unsubscribe, e-mail <mysql-unsubscribe-webmaster=nimm.com@stripped>
> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
> 
> 

Thread
ConnectionArthur25 Oct
  • Re: ConnectionJocelyn Fournier25 Oct
  • phpmyadminMitchell Wright25 Oct
    • RE: phpmyadminEd Carp25 Oct
      • Re: phpmyadmin (OT)Thomas Seifert25 Oct
        • Re: phpmyadmin (OT)Mitchell Wright25 Oct
      • RE: phpmyadminJohn Chang25 Oct
        • RE: phpmyadminJeroen Geusebroek26 Oct
        • RE: phpmyadminEd Carp26 Oct
    • Re: phpmyadmin (OT)Mark Stringham25 Oct
    • InnoDB and auto_increment fieldsChris Boget25 Oct
      • Re: InnoDB and auto_increment fieldsDyego Souza do Carmo25 Oct
      • Re: InnoDB and auto_increment fieldsPaul DuBois26 Oct
    • Re: InnoDB and auto_increment fieldsChris Boget25 Oct
      • Re: InnoDB and auto_increment fieldsPete Harlan28 Oct
    • Re: InnoDB and auto_increment fieldsChris Boget28 Oct
Re: phpmyadminJan Steinman27 Oct