Abstract
We continue our discussion of safe PHP programming with an examination of remote execution attacks, which involve misusing the internal logic of your application in order to execute arbitrary commands or scripts on the server. Cross-site scripting (discussed in Chapter 4) is similarly accomplished by inserting scripts containing malicious code; in that case, however, the code execution takes place in the client browser and doesn’t actually affect any systems. Remote execution, on the other hand, takes place in your protected environment on the server, a very serious problem indeed.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Rights and permissions
Copyright information
© 2010 Chris Snyder, Thomas Myer, and Michael Southwell
About this chapter
Cite this chapter
Snyder, C., Myer, T., Southwell, M. (2010). Preventing Remote Execution. In: Pro PHP Security. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4302-3319-0_5
Download citation
DOI: https://doi.org/10.1007/978-1-4302-3319-0_5
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4302-3318-3
Online ISBN: 978-1-4302-3319-0
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books