SecurityFocus

Secure Web-Based Administration Jan 17 2003 02:59PM
Ryan (ryan vbnet net) (7 replies)

Re: Secure Web-Based Administration Jan 24 2003 06:33PM
Christian Meier (email2chris gmx net) (2 replies)

RE: Secure Web-Based Administration Jan 29 2003 07:12PM
Rob Sterenborg (rsterenborg xs4all nl)

> Would it be more secure, if you would write all changes that
> should be made to a database and those commands were executed
> by a script that is run as cronjob?

You'd have some time before the changes become effective, which is the
good thing about it.
But if some evil user has the chance to make any changes, then those
changes will become effective anyway when you're not there to check
things. So then where's your security ?

How about if you put the changes in a table and email a predefined
root-equivalent user that changes have been made. Then any changes will
not become effective untill the user that has been emailed has replied
to acknowledge or something.

Rob

[ reply ]

Re: Secure Web-Based Administration Jan 29 2003 06:32PM
Jos Kirps|EducDesign (jos kirps educdesign lu)

Re: Secure Web-Based Administration Jan 22 2003 09:38PM
jon schatz (jon divisionbyzero com)

Re: Secure Web-Based Administration Jan 22 2003 04:46PM
John Allman (allmanj houseofireland com)

Re: Secure Web-Based Administration Jan 21 2003 09:47AM
Glynn Clements (glynn clements virgin net)

Re: Secure Web-Based Administration Jan 21 2003 05:23AM
Brian Hatch (focus-linux ifokr org) (1 replies)

Re: Secure Web-Based Administration Jan 23 2003 09:19PM
konold (at) erfrakon (dot) de [email concealed] (konold erfrakon de)

Re: Secure Web-Based Administration Jan 21 2003 03:39AM
Ben La Monica (ben cylindrinet com)

Re: Secure Web-Based Administration Jan 21 2003 02:50AM
Bill Weiss (houdini nmt edu)