|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Matt Sergeant (msergeant
startechgroup.co.uk)Date: Wed Mar 06 2002 - 05:18:43 CST
On Tue, 5 Mar 2002, Nancy Gabriel wrote:
> rain forest puppy wrote:
> >
> > > Do you mean the user types something for the local secret string, so it
> > > is different for each session?
> >
> > No. A common site secret, much like a password. Secret cannot be known,
> > or the security is reduced once again to being as good as using
> > microtime() as the session ID.
>
> OK, but then it all depends on how secure the site server is.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is one of those "No duh!" moments. EVERYTHING depends on how secure
your site server is!
-- Matt. <:->get a SMart net</:->________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk ________________________________________________________________________
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]