Miguel Angel Blanch Lardin schrieb:
> PS: BTW you config/config.ini is world readable.
> A little trick for script kiddies:
>
> chown :users config.ini
> chmod g-r-w-x config.ini
>
> That way as everyone is an user none will be able to see,write or
> execute it but you and webserver.
Well script kiddies come in as webserver user. So there's no way.
And for valid shell users I find it useful, as in your case.
But we could turn it off also.
--
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/
|
