> > So I think making the database non-configurable buys you very little
> > security.
>
> I know about this. But how to create reasonable solution in
> environments where user should setup Apache options in configuration
> file (those include various directives like MidgardParser, AddCharset,
> DefaultCharset, etc)? You might say about .htaccess but not all those
> options work in .htaccess - for example there are a couple of things
> that should be set up directly in virtual host.
I haven't seen any setups where a user could have an apache config
file which would -- I take it -- be included in the main config.
One would have to be _very_ careful about this. I would personally
have defined a custom configuration syntax (maybe xml) which I can
parse an understand in full, to generate apache configs. I'd hate to
see clients defining scriptalias/location/limit/documentroot directives by
themselves all willy-nilly.
Anyhow, regarding the safety concerns relating to configurability of the
location of the database, it is no more a hazard then having
MidgardDatabase configurable, and arguably a lot less a hazard then
having a plaintext password in the file.
> Imagine midgard-lib.conf is:
> ----8<-----
> # Name driver host database password
>
> Store midgard-lib.conf in safe location (built in into midgard-lib
> during compilation), set needed rights and be happy?
It will be hard to find appropriate ownership/access rights for the
config file. httpd.conf is read by apache while it is still root,
before it changes its euid/egid to whatever the User/Group specifies.
I don't know at what point module initialization takes place but I
think it is _after_ the euid change, so the file would (in a typical
situation) have to be readable by user 'nobody'. This is an even greater
security hazard. You would be able to protect it from shell access
with some care, but all PHP pages and CGI scripts would have access to
it.
Emile
--
This is The Midgard Project's mailing list. For more information,
please visit the project's web site at http://www.midgard-project.org
To unsubscribe the list, send an empty email message to address
[EMAIL PROTECTED]
