Did you ever use the comfort of PHP's session-handling routines?
Did you ever set session.entropy_file to read from /dev/urandom?
Do you think the session-IDs are strong enough?
The views expressed on this website/weblog are mine alone and do not necessarily reflect the views of my employer. Note to journalists and other readers: Unless you receive express written permission to the contrary from the author of the content of this blog/website, reproduction or quotation of any statements appearing on this blog/website is not authorized. |
0 comments:
Post a Comment