Comment 7 for bug 1175446

Yeah, I don't think we can too much about attacks that alter the contents of the config.php, and still less about attacks that alter the source code of other files. We mostly need to focus on attacks that are carried out via the HTTP inputs to the web server.