I'm assuming you're using mod_php. For a virtual-hosted environment,
I don't think that can be made 'secure'. You probably need to switch
to suexec and fastcgi php. That way the php scripts are run as your
user rather than the 'www' user. You might glance at this:
http://www.k4ml.com/wiki/serve
On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote:
> > Just because "apache" the user account on your compute can access the
> > db, doesn't mean apache the webserver is serving that file.
> >
> > My webserver runs as user "www"
> >
> > My db is under ~/Data//database.db owned by me, but chmo
>
> Thanks for your reply! However, apache has to be able to
> access /a/ totally/different/path/to/db, so this means that
> any user on the same server can access it via e.g. a PHP web
> page, if they know that path, is that correct?
>
Yes, but
>
> >> In MySQL for example, this is no
> Just because "apache" the user account on your compute can access the
> db, doesn't mean apache the webserver is serving that file.
>
> My webserver runs as user "www"
>
> My db is under ~/Data//database.db owned by me, but chmod-
> ed to 666
>
> The webserver serves only files under ~/Sites//
On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote:
> Thanks for your reply! However, apache has to be able to access
> /a/totally/different/path/to/db, so this means that any
> user on the same server can access it via e.g. a PHP web page, if they know
> that path, is that correct?
Just beca
Thanks for your reply! However, apache has to be able to access /a/
totally/different/path/to/db, so this means that any user on the same
server can access it via e.g. a PHP web page, if they know that path,
is that correct?
Thomas
On 22 Apr 2008, at 15:14, P Kishor wrote:
> On 4/22/08, Tho
On 4/22/08, Thomas Robitaille <[EMAIL PROTECTED]> wrote:
> Hi everyone,
>
> I am in the process of setting up a forum which uses SQLite on a web
> server which has ~50 other users. I can create a directory for the
> sqlite database, which I chown to 'apache' (the user under which the
> web serv
Hi everyone,
I am in the process of setting up a forum which uses SQLite on a web
server which has ~50 other users. I can create a directory for the
sqlite database, which I chown to 'apache' (the user under which the
web server is run). However, because the database is then writable by
ap
8 matches
Mail list logo