Hi,
I recently signup with a webhost who suggested that PHP was not safe to use and that CGI is te way to go.
"PHP doesn't run under a setuid wrapper, so you need to make php files world readable, meaning anyone on server can read the password from the script. CGI will run fine without world readability."
Is this true? or rather, is there a way around it?? I haven't read much about major secuirty holes in PHP, so I'm a bit unsure about this.
If anyone has any information, please email me.
Thank you,
Nancy
I recently signup with a webhost who suggested that PHP was not safe to use and that CGI is te way to go.
"PHP doesn't run under a setuid wrapper, so you need to make php files world readable, meaning anyone on server can read the password from the script. CGI will run fine without world readability."
Is this true? or rather, is there a way around it?? I haven't read much about major secuirty holes in PHP, so I'm a bit unsure about this.
If anyone has any information, please email me.
Thank you,
Nancy