Re: [sqlite] restricting access to sqlite database
I'm assuming you're using mod_php. For a virtual-hosted environment, I don't think that can be made 'secure'. You probably need to switch to suexec and fastcgi php. That way the php scripts are run as your user rather than the 'www' user. You might glance at this: http://www.k4ml.com/wiki/server/apache/php-fastcgi -Brad Thomas Robitaille wrote: >> Just because "apache" the user account on your compute can access the >> db, doesn't mean apache the webserver is serving that file. >> >> My webserver runs as user "www" >> >> My db is under ~/Data//database.db owned by me, but chmod- >> ed to 666 >> >> The webserver serves only files under ~/Sites// > > I understand what you mean, but if your database file is chmod-ed to > 666, any other user logged in to your web server can edit it, > correct? If you are the only user on your web server, then indeed > placing it outside the web directory is enough, but what I am asking > about is for cases when there are 100 or 1000 users that can all log > in to the same web server. > > Thomas > >> >> >>> Thomas >>> >>> >>> On 22 Apr 2008, at 15:14, P Kishor wrote: >>> >>> On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote: > Hi everyone, > > I am in the process of setting up a forum which uses SQLite on > a web > server which has ~50 other users. I can create a directory for the > sqlite database, which I chown to 'apache' (the user under > which the > web server is run). However, because the database is then > writable by > apache, could other users not potentially write web applications > which could edit that database (and potentially remove all > tables?). > In MySQL for example, this is not a problem because of the > different > users/privileges, but what is the common way around this in > SQLite? > Nothing specific to SQLite, but common good web programming practice. Don't keep the db in a web accessible path. My web root is /path/to/web/root/ my db is in /a/totally/different/path/to/db -- Puneet Kishor http://punkish.eidesis.org/ Nelson Institute for Environmental Studies http:// www.nelson.wisc.edu/ Open Source Geospatial Foundation (OSGeo) http://www.osgeo.org/ ___ sqlite-users mailing list sqlite-users@sqlite.org >>> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users >>> >> >> -- >> Puneet Kishor http://punkish.eidesis.org/ >> Nelson Institute for Environmental Studies http://www.nelson.wisc.edu/ >> Open Source Geospatial Foundation (OSGeo) http://www.osgeo.org/ > > ___ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] restricting access to sqlite database
On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote: > > Just because "apache" the user account on your compute can access the > > db, doesn't mean apache the webserver is serving that file. > > > > My webserver runs as user "www" > > > > My db is under ~/Data//database.db owned by me, but chmod-ed to > 666 > > > > The webserver serves only files under ~/Sites// > > > > I understand what you mean, but if your database file is chmod-ed to 666, > any other user logged in to your web server can edit it, correct? If you are > the only user on your web server, then indeed placing it outside the web > directory is enough, but what I am asking about is for cases when there are > 100 or 1000 users that can all log in to the same web server. Why on earth do your web users log on to your web server from any interface other than the web? My web server is behind a firewall, reachable only via ssh over vpn. > > Thomas > > > > > > > > > > > > > > > > > Thomas > > > > > > > > > On 22 Apr 2008, at 15:14, P Kishor wrote: > > > > > > > > > > > > > > > > > On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > Hi everyone, > > > > > > > > > > I am in the process of setting up a forum which uses SQLite on a > web > > > > > server which has ~50 other users. I can create a directory for the > > > > > sqlite database, which I chown to 'apache' (the user under which > the > > > > > web server is run). However, because the database is then writable > by > > > > > apache, could other users not potentially write web applications > > > > > which could edit that database (and potentially remove all > tables?). > > > > > In MySQL for example, this is not a problem because of the > different > > > > > users/privileges, but what is the common way around this in SQLite? > > > > > > > > > > > > > > > > > > Nothing specific to SQLite, but common good web programming practice. > > > > Don't keep the db in a web accessible path. > > > > > > > > My web root is /path/to/web/root/ > > > > > > > > my db is in > > > > > > > > /a/totally/different/path/to/db > > > > > > > > > > > > ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] restricting access to sqlite database
> > Thanks for your reply! However, apache has to be able to > access /a/ totally/different/path/to/db, so this means that > any user on the same server can access it via e.g. a PHP web > page, if they know that path, is that correct? > Yes, but > > >> In MySQL for example, this is not a problem because of > the different > >> users/privileges, but what is the common way around this in SQLite? > > MySQL would actually suffer from a similar problem but in a different way. Imagine the scenario that your forum accesses a MySQL database using username & password strings stored in a PHP script. This script would need to be readable by apache for the forum to work. If someone else know the name of that script, they could craft a rogue PHP to display the above PHP script so that they could copy the username/password. They could use username/password to access your MySQL database and corrupt/delete it. There are alternative solutions. One I know of (but never used before) is to use the 'cgi' version of PHP which can run under different user names. Best place to ask would be a PHP list. Nick This email and any attachments are confidential to the intended recipient and may also be privileged. If you are not the intended recipient please delete it from your system and notify the sender. You should not copy it or use it for any purpose nor disclose or distribute its contents to any other person. ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] restricting access to sqlite database
> Just because "apache" the user account on your compute can access the > db, doesn't mean apache the webserver is serving that file. > > My webserver runs as user "www" > > My db is under ~/Data//database.db owned by me, but chmod- > ed to 666 > > The webserver serves only files under ~/Sites// I understand what you mean, but if your database file is chmod-ed to 666, any other user logged in to your web server can edit it, correct? If you are the only user on your web server, then indeed placing it outside the web directory is enough, but what I am asking about is for cases when there are 100 or 1000 users that can all log in to the same web server. Thomas > > > >> >> Thomas >> >> >> On 22 Apr 2008, at 15:14, P Kishor wrote: >> >> >>> >>> On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote: >>> Hi everyone, I am in the process of setting up a forum which uses SQLite on a web server which has ~50 other users. I can create a directory for the sqlite database, which I chown to 'apache' (the user under which the web server is run). However, because the database is then writable by apache, could other users not potentially write web applications which could edit that database (and potentially remove all tables?). In MySQL for example, this is not a problem because of the different users/privileges, but what is the common way around this in SQLite? >>> >>> Nothing specific to SQLite, but common good web programming >>> practice. >>> Don't keep the db in a web accessible path. >>> >>> My web root is /path/to/web/root/ >>> >>> my db is in >>> >>> /a/totally/different/path/to/db >>> >>> >>> >>> -- >>> Puneet Kishor http://punkish.eidesis.org/ >>> Nelson Institute for Environmental Studies http:// >>> www.nelson.wisc.edu/ >>> Open Source Geospatial Foundation (OSGeo) http://www.osgeo.org/ >>> ___ >>> sqlite-users mailing list >>> sqlite-users@sqlite.org >>> >> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users >>> >> >> > > > -- > Puneet Kishor http://punkish.eidesis.org/ > Nelson Institute for Environmental Studies http://www.nelson.wisc.edu/ > Open Source Geospatial Foundation (OSGeo) http://www.osgeo.org/ ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] restricting access to sqlite database
On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote: > Thanks for your reply! However, apache has to be able to access > /a/totally/different/path/to/db, so this means that any > user on the same server can access it via e.g. a PHP web page, if they know > that path, is that correct? Just because "apache" the user account on your compute can access the db, doesn't mean apache the webserver is serving that file. My webserver runs as user "www" My db is under ~/Data//database.db owned by me, but chmod-ed to 666 The webserver serves only files under ~/Sites// > > Thomas > > > On 22 Apr 2008, at 15:14, P Kishor wrote: > > > > > > On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote: > > > > > Hi everyone, > > > > > > I am in the process of setting up a forum which uses SQLite on a web > > > server which has ~50 other users. I can create a directory for the > > > sqlite database, which I chown to 'apache' (the user under which the > > > web server is run). However, because the database is then writable by > > > apache, could other users not potentially write web applications > > > which could edit that database (and potentially remove all tables?). > > > In MySQL for example, this is not a problem because of the different > > > users/privileges, but what is the common way around this in SQLite? > > > > > > > Nothing specific to SQLite, but common good web programming practice. > > Don't keep the db in a web accessible path. > > > > My web root is /path/to/web/root/ > > > > my db is in > > > > /a/totally/different/path/to/db > > > > > > > > -- > > Puneet Kishor http://punkish.eidesis.org/ > > Nelson Institute for Environmental Studies http://www.nelson.wisc.edu/ > > Open Source Geospatial Foundation (OSGeo) http://www.osgeo.org/ > > ___ > > sqlite-users mailing list > > sqlite-users@sqlite.org > > > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > > > > -- Puneet Kishor http://punkish.eidesis.org/ Nelson Institute for Environmental Studies http://www.nelson.wisc.edu/ Open Source Geospatial Foundation (OSGeo) http://www.osgeo.org/ ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] restricting access to sqlite database
Thanks for your reply! However, apache has to be able to access /a/ totally/different/path/to/db, so this means that any user on the same server can access it via e.g. a PHP web page, if they know that path, is that correct? Thomas On 22 Apr 2008, at 15:14, P Kishor wrote: > On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote: >> Hi everyone, >> >> I am in the process of setting up a forum which uses SQLite on a web >> server which has ~50 other users. I can create a directory for the >> sqlite database, which I chown to 'apache' (the user under which the >> web server is run). However, because the database is then >> writable by >> apache, could other users not potentially write web applications >> which could edit that database (and potentially remove all tables?). >> In MySQL for example, this is not a problem because of the different >> users/privileges, but what is the common way around this in SQLite? > > Nothing specific to SQLite, but common good web programming practice. > Don't keep the db in a web accessible path. > > My web root is /path/to/web/root/ > > my db is in > > /a/totally/different/path/to/db > > > > -- > Puneet Kishor http://punkish.eidesis.org/ > Nelson Institute for Environmental Studies http://www.nelson.wisc.edu/ > Open Source Geospatial Foundation (OSGeo) http://www.osgeo.org/ > ___ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] restricting access to sqlite database
On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote: > Hi everyone, > > I am in the process of setting up a forum which uses SQLite on a web > server which has ~50 other users. I can create a directory for the > sqlite database, which I chown to 'apache' (the user under which the > web server is run). However, because the database is then writable by > apache, could other users not potentially write web applications > which could edit that database (and potentially remove all tables?). > In MySQL for example, this is not a problem because of the different > users/privileges, but what is the common way around this in SQLite? Nothing specific to SQLite, but common good web programming practice. Don't keep the db in a web accessible path. My web root is /path/to/web/root/ my db is in /a/totally/different/path/to/db -- Puneet Kishor http://punkish.eidesis.org/ Nelson Institute for Environmental Studies http://www.nelson.wisc.edu/ Open Source Geospatial Foundation (OSGeo) http://www.osgeo.org/ ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
[sqlite] restricting access to sqlite database
Hi everyone, I am in the process of setting up a forum which uses SQLite on a web server which has ~50 other users. I can create a directory for the sqlite database, which I chown to 'apache' (the user under which the web server is run). However, because the database is then writable by apache, could other users not potentially write web applications which could edit that database (and potentially remove all tables?). In MySQL for example, this is not a problem because of the different users/privileges, but what is the common way around this in SQLite? Thanks in advance for any help, Thomas ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users