On Mon, 6 Jan 2003, Mark wrote:

> Date: Mon, 6 Jan 2003 22:48:06 +0100
> From: Mark <[EMAIL PROTECTED]>
> To: "William R. Mussatto" <[EMAIL PROTECTED]>,
>     Octavian Rasnita <[EMAIL PROTECTED]>
> Cc: Larry Brown <[EMAIL PROTECTED]>,
>     MySQL List <[EMAIL PROTECTED]>
> Subject: Re: Hiding the password
>
> ----- Original Message -----
> From: "William R. Mussatto" <[EMAIL PROTECTED]>
> To: "Octavian Rasnita" <[EMAIL PROTECTED]>
> Cc: "Larry Brown" <[EMAIL PROTECTED]>; "MySQL List"
> <[EMAIL PROTECTED]>
> Sent: Monday, January 06, 2003 7:07 PM
> Subject: Re: Hiding the password
>
> > It's possible to configure a single virtual host to run as a
> > different user and group.
>
> Oh?? This is entirely new to me. :) Please, enlighten me.
>
> - Mark

<Disclaimer> We are a hosting company </Disclaimer>

You should be able to request that your virtual host be run with a unique username and group. The apache web server, in our case, normally starts up as 'root' and then changes to a low privilege user (e.g., 'nobody'). However, the hosting company can set it up so that the user and group is someone different (e.g., your ftp username). You would also have a separate cgi-bin directory rather than a common one.

For your scripts to run, only your username could have write permissions on both the files and the directory containing the files. If you didn't set both to 0700 the web server would refuse to run the script. The downside is you wouldn't be able to use any of the hosting company's standard scripts. Because of past bad experiences we don't normally let users run anything other than perl or php (where we can inspect the source).

You can similarly set up php to run in a cgi (vs. a module mode) so that those scripts will also run as a separate user (slower, but safer for everyone). I believe someone else recommended you look at changing your hosting company. Some are more flexible than others.

Sincerely,

William Mussatto, Senior Systems Engineer
CyberStrategies, Inc
ph. 909-920-9154 ext. 27
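
The permission requirement described in the message above, as an added example that is not part of the original e-mail: a Python audit that checks a CGI script and its containing directory are owned by the expected user and closed to group and other. The function names, the `report.pl` file and the temp-dir layout are constructed for illustration; the read check is an added assumption tied to the thread's subject (a database password stored in the script).

```python
import os
import stat
import tempfile

def audit_cgi_script(script_path, expected_uid):
    """Return a list of findings for one CGI script and its directory."""
    findings = []
    targets = (("script", script_path),
               ("directory", os.path.dirname(os.path.abspath(script_path))))
    for label, path in targets:
        st = os.lstat(path)  # lstat: do not follow a symlink to another user's file
        if stat.S_ISLNK(st.st_mode):
            findings.append(f"{label}: is a symlink")
            continue
        mode = stat.S_IMODE(st.st_mode)
        if st.st_uid != expected_uid:
            findings.append(f"{label}: owned by uid {st.st_uid}, expected {expected_uid}")
        # Anyone else able to write could replace code that runs as this user.
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(f"{label}: writable by group/other (mode {mode:04o})")
        # Assumption: the script embeds a DB password, so reads are flagged too.
        if mode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append(f"{label}: readable by group/other (mode {mode:04o})")
    return findings

def demo():
    """Build a constructed cgi-bin in a temp dir and audit two layouts."""
    uid = os.getuid()
    with tempfile.TemporaryDirectory() as root:
        cgi = os.path.join(root, "cgi-bin")
        os.mkdir(cgi)
        script = os.path.join(cgi, "report.pl")  # constructed sample script
        with open(script, "w") as fh:
            fh.write("#!/usr/bin/perl\n# database password would live here\n")
        # Loose layout: group-writable directory, world-readable script.
        os.chmod(cgi, 0o775)
        os.chmod(script, 0o755)
        loose = audit_cgi_script(script, uid)
        # Layout from the message: both set to 0700.
        os.chmod(cgi, 0o700)
        os.chmod(script, 0o700)
        tight = audit_cgi_script(script, uid)
    return loose, tight

if __name__ == "__main__":
    for name, result in zip(("loose", "0700"), demo()):
        print(name, result or "OK")
```
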