in reply to OT ~ Security: Why is a file outside the web root more secure than mySQL?

There is a simple answer.

If your code is OK, then someone won't get access to either without breaking into somewhere that they shouldn't be. If the person has remote access to the database, they might not get anywhere else from there. If they have remote access to your webserver, then odds are high that they will shortly apply a rootkit, read your code and get at your database, etc.

So access to site root gives database access but not vice versa. Hence site root is more secure. (You have secured it, right?)

  • Comment on Re: OT ~ Security: Why is Root More Secure Than mySQL?

Replies are listed 'Best First'.
Re: Re: OT ~ Security: Why is Root More Secure Than mySQL?
by jerrygarciuh (Curate) on Sep 06, 2002 at 22:56 UTC

    You have secured it, right?

    Oh yes! I put a padlock on the room where the server is kept! I'd like to see those hackers get past that!
    jg
    _____________________________________________________
    Think a race on a horse on a ball with a fish! TG
[reply]

In Section Seekers of Perl Wisdom