Why PHP is so much more popular for web-development

Paul Rubin http
Thu Jul 26 22:26:33 CEST 2007


Steve Holden <steve at holdenweb.com> writes:
> > That sounds trivial to ameliorate (at least somewhat) by putting your
> > uploads in a directory whose name is known only to you (let's say it's
> > a random 20-letter string).  The parent directory can be protected to
> > not allow reading the subdirectory names.
> 
> But you have to admit that's "security by obscurity".

I'm not completely sure it's security by obscurity if the system setup
is careful.  The pathname is like a password and maybe it can be
proteced from exposure to the same degree that other file system
contents are protected.  This would not pass review for protecting
launch codes, but neither most things done on even serious commercial
web sites.



More information about the Python-list mailing list