hi, On Saturday 05 April 2008 11:26:14 am Cajus Pollmeier wrote: > The problem is that these aspects are not packagable as some kind of > "fire and forget" installation. I'd prefer the way Roland proposed, > using some kind of option 3 could work out of the box, though it just requires more initial setup work to get right in the packaging. i'm not saying it's the Right Way, but it would provide the necessary compartmentalizing. > RequestHeader set FooPassword very-secret-credentials i suspect php users will still be able to find that out, in the same way that they can read ssl private keys from the webserver's memory (you *did* know they can do that, right? :) sean
Attachment:
signature.asc
Description: This is a digitally signed message part.