Re: My rant about unix home directories

In article <ksH4g.117$ZM6.102@xxxxxxxxxxxxxxxxxxxxx>,
David Haynes <david.haynes2@xxxxxxxxxxxx> wrote:

1. How is this specific to Unix and/or home directories? It seems more
about keeping private data in the web server space.

Indeed.

2. Why not keep most of your private data in a database? That is not
within the web server space but can be accessed as needed.

Well, information about how to connect to the database and
username/password couldn't really be kept in the database you're
trying to connect to.

3. If you need to store private data within the web server space, why
not encrypt it first?

The OP was probably mostly talking about "download your PHP guestbook
now" type of scripts, where the scripts has its settings in a file
that needs to be resided on the same path as the script itself, for
convenience - since the programmer, or program, doesn't know where
"Outside the web scope is" for all the people that will download the
script.

Encrypting such a file needs the user to know HOW to encrypt it. A
startup process that asks - via web forms - for the passwd/user and
then saves and reades them encrypted would be a good idea.-



--
Sandman[.net]
.