I installed SME 6.0.1-01 this weekend. (I was running 5.6 since its release). Tonight, i ran a phpinfo() script and discovered my username and password were visible under php variables. (PHP_AUTH_USER and PHP_AUTH_PW). I have never seen this on any server I have run this script on, including SME 5.6. I'm definately no security expert and still consider myself as a linux newbie but this feels like a security risk to me. Should I be conceren. What can I do to hide this?
Steve
1 Replies
618 Views