Hi,
Im talkin to a outside coder guy about writing some GNuPG code to interact with PHP mail forms.
He wants to see a copy of phpinfo ()
Is there anything in that display that could be used malicious?
Anything you wouldn't want outside sources to see?
Thank You
safe to show PHP info - phpinfo () ?
Moderator: General Moderators
- Jonah Bron
- DevNet Master
- Posts: 2764
- Joined: Thu Mar 15, 2007 6:28 pm
- Location: Redding, California
- Kieran Huggins
- DevNet Master
- Posts: 3635
- Joined: Wed Dec 06, 2006 4:14 pm
- Location: Toronto, Canada
- Contact:
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
It is not safe to share, and you likely should not. Divulging path information and other setting configurations can give useful information on where to start the attackKieran Huggins wrote:if you think about it, you're trusting a developer with a lot more than a *look* at your server...
but yes, a phpinfo is pretty safe to share.
Will sharing it probably cause harm to the one guy? Probably not..
It could be potentially unsafe, but it would boil down to the security of your server and applications. The settings alone pose no threat.
It would only give a potential attacker places to start, which in some cases, is more than they had to begin with.
It would only give a potential attacker places to start, which in some cases, is more than they had to begin with.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.