From: "Antti Kurenniemi" 

"Geo."  wrote in message
news:4060ca5d$1{at}w3.nls.net...
> > I'm not a server person, so I wouldn't make either one
> > available . But, as far as I can see, php *can* be used
> > safely (at least it is used very widely and I don't see every
> > one of those sites hacked).
>
> If security of the machine is left up to the website programmer, then
> a multihosting ISP server could never be called secure in the least
> because there is one idiot in every crowd..

Well the idiot would be whoever let the programmer to handle security -
we're just not geared for that . No, but seriously, security stuff
needs a whole different skill set than programming.


> On a single host machine, you have lots of freedom because
> web site owners are trusted (they aren't likely to want to root
> their own site), on multihost they are not trusted. Makes a big
> difference.

Yep. I only do this stuff on our internal servers which are not exposed to
the rest of the world, and even there I can think about a gazillion places
that I would have to lock if I had to make the stuff really secure.


Antti Kurenniemi
(Just not my cup of coffee... or bottle of beer for that matter ;-)

--- BBBS/NT v4.01 Flag-5