Hosting Provided By

Re: ping22: can not kill this process

From: Rick Moen <rick(at)linuxmafia.com>
Date: Sat Jan 05 2008 - 17:53:46 EST

Quoting Luis Mondesi (lemsx1@gmail.com):

> Good one! LOL
>
> spilling ugly db*connect() errors to the world to see is not very
> secure indeed. or how about: foo() could not open /etc/my-secret-users
> file....

Which is of course why you also want these in php.ini:

log_errors = On
error_log = syslog
display_errors = Off

-- 
Cheers,               I have /usr/sbin/coffee mounted from /dev/mug right now, 
Rick Moen             and you can't have it.  Oh no, I just tried to seek past 
rick@linuxmafia.com   end-of-beverage. *sigh*  -- Graham Reed, in The Monastery


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Sat Jan 5 17:54:39 2008

This message: [ Message body ]
Next message: Florian Weimer: "Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities"
Previous message: Luis Mondesi: "Re: ping22: can not kill this process"
In reply to: Luis Mondesi: "Re: ping22: can not kill this process"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 06:55:00 EDT