bock at step.polymtl.ca
Ven 27 Oct 16:52:51 EDT 2006
On Friday 27 October 2006 10:57, listserv.traffic at sloop.net wrote:
> Security issues:
> I assume after install and configure, one should remove the
> install.php file for security purposes, right?
It is indeed more secure, as if a local user manages to read the temp passoerd
in /tmp he could get access to the install script.
> Are there other files or directories that need modifications?
Make sure that config.php is only readable by your web erver's user, as it
contains the database password (off course, this is only relevent if you
actually changed it...).
> Question, though not exactly related to WiFiDog...
> I've checked out the code for the Auth server from SVN.
> Is there a reason to leave the .svn control directories etc in place
> on a production server? Is there any risk to doing so, or any benefit?
The benefit is that it's trivial to upgrade later. There is no real risk
associated with it.
Plus d'informations sur la liste de diffusion WiFiDog