Hi, I'm trying to write a script to use with the Apache auth plugin mod_auth_any. I have the whole setup working, bar the script that does the authentication.
I am worried that because the script must be read/writeable by the Apache user (www) that anybody that can write a PHP script on my machine can read the auth script and read the passwords that would be contained within -- those to my MySQL server. Is there any way I can have a script that is not readable by a user, while still allowing that user to execute it? Maybe through using a wrapper of some sort? I do not have UFS2 so I cannot use ACLs. Any suggestions for this as I'm stumped. Thanks very much, -lewiz. -- I was so much older then, I'm younger than that now. --Bob Dylan, 1964. ------------------------------------------------------------------------ -| msn:[EMAIL PROTECTED] | jabber:[EMAIL PROTECTED] | url:www.lewiz.org |-
pgp00000.pgp
Description: PGP signature