But you could already read any file that the web server can read, if you can execute scripts which are run as the webserver. Only way to prevent that is suEXEC. How is this specific to MySQL?
> 1) Webserver must be able to read HTML files of every WebUsers > 2) MySQL functions are called with uid, gid of Webserver > 3) user1 gains access to /home/user2 --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
