Why PHP is so much more popular for web-development
Paul Rubin
http
Thu Jul 26 16:26:33 EDT 2007
Steve Holden <steve at holdenweb.com> writes:
> > That sounds trivial to ameliorate (at least somewhat) by putting your
> > uploads in a directory whose name is known only to you (let's say it's
> > a random 20-letter string). The parent directory can be protected to
> > not allow reading the subdirectory names.
>
> But you have to admit that's "security by obscurity".
I'm not completely sure it's security by obscurity if the system setup
is careful. The pathname is like a password and maybe it can be
proteced from exposure to the same degree that other file system
contents are protected. This would not pass review for protecting
launch codes, but neither most things done on even serious commercial
web sites.
More information about the Python-list
mailing list