sean finney, 2008-04-05 11:59:31 +0200 : [...]
>> RequestHeader set FooPassword very-secret-credentials > > i suspect php users will still be able to find that out, in the same > way that they can read ssl private keys from the webserver's memory > (you *did* know they can do that, right? :) Erm, no, I didn't. Is that supposed to happen (by design), or is it just a bug in the PHP interpreter? It sounds like a severe security problem... Roland. -- Roland Mas Au royaume des aveugles, il y a des borgnes à ne pas dépasser. -- in Soeur Marie-Thérèse des Batignoles (Maëster) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
