Re: [cobalt-users] 250 site limit URGENT HELP REQUIRED
- Subject: Re: [cobalt-users] 250 site limit URGENT HELP REQUIRED
- From: jens@xxxxxxxxxxxxxxxxxxxx (Jens Kristian Søgaard)
- Date: Wed Oct 11 19:13:18 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
"Mike Fritsch" <mfritsch@xxxxxxxxxxxx> writes:

> ereg() and verify EVERY input from your users make sure EVERYTHING is
> compatible and work, can't bug down the server

No, that's really not the best way to do it.

Besides that ereg() is a very slow function, it is also a general rule
in security to use "positive" lists, and not "negative" lists.

I.e. say "The user may enter A, B or C here".
Not "The user may NOT enter XYZ here".

> use encryption and a database backend...

Encryption is not a solution to all problems.

BTW: I would recommend you all to read Bruce Schneier's new book
"Secrets and Lies". It gives even "business-types" a great
introduction to Digital Security.

--
Jens Kristian Søgaard, Mermaid Consulting I/S,
jens@xxxxxxxxxxxxxxxxxxxx,
http://www.mermaidconsulting.com/
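
The positive-list rule from the reply above, shown in PHP as an added example that is not part of the original message. The function names, the username format and the sample inputs are assumptions constructed for illustration; it uses `in_array()` and `preg_match()` rather than `ereg()`.

```php
<?php
// Added illustration: all names and sample values below are constructed.

// Negative list: "the user may NOT enter XYZ". Anything the author did not
// think of is accepted by default.
function denylist_ok(string $v): bool {
    return strpbrk($v, ";|&`<>") === false;
}

// Positive list for a closed set: "the user may enter A, B or C here".
function allow_choice(string $v, array $allowed): bool {
    return in_array($v, $allowed, true); // strict: no loose type comparison
}

// Positive list for free-form input: state exactly what a valid value is.
// Assumed format: starts with a lowercase letter, then lowercase letters,
// digits or hyphens, 1 to 32 characters in total.
function allow_username(string $v): bool {
    // \A and \z anchor the whole string; a bare '$' would also match
    // just before a trailing newline.
    return preg_match('/\A[a-z][a-z0-9-]{0,31}\z/', $v) === 1;
}

// Constructed inputs: two ordinary values, then values a negative list
// of shell metacharacters does not anticipate.
$samples = ["alice", "web-01", "alice\n", "../alice", "al ice", ""];

foreach ($samples as $s) {
    printf(
        "%-12s denylist=%-5s allowlist=%s\n",
        json_encode($s),
        var_export(denylist_ok($s), true),
        var_export(allow_username($s), true)
    );
}

// Closed set of choices (constructed plan names).
$plans = ["basic", "standard", "premium"];
foreach (["standard", "Standard", "premium "] as $p) {
    printf(
        "%-12s allowed=%s\n",
        json_encode($p),
        var_export(allow_choice($p, $plans), true)
    );
}
```

The negative list accepts every sample because none contains a character it names, while the positive list accepts only the two values that match the stated format.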