[Info-vax] Maybe a bit OT, maybe not.. in any case an interesting article
ChrisQ
meru at devnull.com
Fri May 18 17:09:10 EDT 2012
On 05/17/12 10:58, Paul Sture wrote:
> Web apps in a CMS, although given the constant PHP based attacks I have
> started looking at Python etc solutions which generate static HTML. For
> desktop stuff a mixture of Objective-C for the Mac, COBOL, Fortran, C and
> DCL for VMS, whatever packages take my fancy on Linux (99% in C/C++).
>
Interesting comment about php attacks. The webserver here runs client/
server
model to mysql. Most of the page stuff is static html, but the problem
was how
to hide the server access credentials, password etc. You will probably
think
it overkill, but I used compiled C cgi-bin slip functions (will be in a
shared
library perhaps) to access the server, with encoding within the binary so
that even if someone managed to load it into hexedit, there's no visible
access
info in clear text. The fact that the webserver isn't intel arch should
confuse things a bit more as well, as any attacker will need to know the
native
asm to decode it. Probably a far better way, but am new to all this web
server
business...
Regards,
Chris
More information about the Info-vax
mailing list