[PHP-DOC] #37000 [NEW]: Suggestion for improving Database Security chapter

Thu, 06 Apr 2006 09:21:00 -0700 

From:             david at acz dot org
Operating system: 
PHP version:      Irrelevant
PHP Bug Type:     Documentation problem
Bug description:  Suggestion for improving Database Security chapter

Description:
------------
It would be helpful for the Database Security chapter to discuss security
in a shared hosting environment.  Under a typical Apache / mod_php setup
where PHP scripts all run as the Apache user, any user can read any other
user's PHP scripts and thus capture any database authentication
information.  It may be possible to mitigate this with safe mode, but not
if the server allows running other types of CGIs.


-- 
Edit bug report at http://bugs.php.net/?id=37000&edit=1
-- 
Try a CVS snapshot (PHP 4.4): 
http://bugs.php.net/fix.php?id=37000&r=trysnapshot44
Try a CVS snapshot (PHP 5.1): 
http://bugs.php.net/fix.php?id=37000&r=trysnapshot51
Try a CVS snapshot (PHP 6.0): 
http://bugs.php.net/fix.php?id=37000&r=trysnapshot60
Fixed in CVS:                 http://bugs.php.net/fix.php?id=37000&r=fixedcvs
Fixed in release:             
http://bugs.php.net/fix.php?id=37000&r=alreadyfixed
Need backtrace:               http://bugs.php.net/fix.php?id=37000&r=needtrace
Need Reproduce Script:        http://bugs.php.net/fix.php?id=37000&r=needscript
Try newer version:            http://bugs.php.net/fix.php?id=37000&r=oldversion
Not developer issue:          http://bugs.php.net/fix.php?id=37000&r=support
Expected behavior:            http://bugs.php.net/fix.php?id=37000&r=notwrong
Not enough info:              
http://bugs.php.net/fix.php?id=37000&r=notenoughinfo
Submitted twice:              
http://bugs.php.net/fix.php?id=37000&r=submittedtwice
register_globals:             http://bugs.php.net/fix.php?id=37000&r=globals
PHP 3 support discontinued:   http://bugs.php.net/fix.php?id=37000&r=php3
Daylight Savings:             http://bugs.php.net/fix.php?id=37000&r=dst
IIS Stability:                http://bugs.php.net/fix.php?id=37000&r=isapi
Install GNU Sed:              http://bugs.php.net/fix.php?id=37000&r=gnused
Floating point limitations:   http://bugs.php.net/fix.php?id=37000&r=float
No Zend Extensions:           http://bugs.php.net/fix.php?id=37000&r=nozend
MySQL Configuration Error:    http://bugs.php.net/fix.php?id=37000&r=mysqlcfg

Reply via email to