Re: Database Security Issues
From: Daniel Tryba (news_comp.lang.php_at_canopus.nl)
Date: 11/26/03
- Next message: Matthew Paterson: "SQL Insert - Weird Error"
- Previous message: Harry Koh: "Which script of a caddy / shopping cart / basket do I have to choose ?"
- In reply to: Michael Fuhr: "Re: Database Security Issues"
- Next in thread: Michael Fuhr: "Re: Database Security Issues"
- Reply: Michael Fuhr: "Re: Database Security Issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 26 Nov 2003 00:45:54 +0000 (UTC)
Michael Fuhr <mfuhr@fuhr.org> wrote:
>> Needlessly complicated. Run the webserver with the privileges of a
>> user. That way the passwds can be in a file only readable to the user
>
> Could you elaborate on how you'd do this on an ISP's web server
> that has thousands of users?
With Apache it seems that suexec is the way to go (and thus introducing
new problems like running php as cgi, but the enhanced per user security
might be worth it).
> Apache 2's perchild MPM looks promising for virtual hosts -- if you
> want to have a virtual host for each user -- but according to the
> documentation it doesn't work yet on most platforms, and I wonder how
> it would scale. It also doesn't appear usable in a non-virtual-host
> setup, such as the ISP might have for its SSL configuration.
On the system where I run Apache/PHP I'm the sole user; on the only multiuser
system I have access to, the server isn't Apache, and it lacks "native" PHP
support, so PHP is run as the user in CGI :)
-- Daniel Tryba
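
The setup discussed in this message (database passwords kept in a file readable only by the account that PHP runs as, for instance as CGI under suexec), as an added example that is not part of the original post: a loader that refuses a credentials file unless it is a regular file owned by the script's effective user with no group or other permission bits. The function name `load_db_credentials`, the ini keys `user` and `password`, and the sample values are assumptions; it needs a POSIX host with PHP's posix extension.

```php
<?php
// Added example, not code from the thread. Assumes PHP runs as the account
// owner (e.g. CGI under suexec) and that the posix extension is loaded.

function load_db_credentials(string $path): array
{
    $fh = @fopen($path, 'rb');
    if ($fh === false) {
        throw new RuntimeException("cannot open $path");
    }
    try {
        // fstat() on the open handle inspects the file actually being read,
        // so the file cannot be swapped between the check and the read.
        $st = fstat($fh);
        if (($st['mode'] & 0170000) !== 0100000) {
            throw new RuntimeException("$path is not a regular file");
        }
        if ($st['uid'] !== posix_geteuid()) {
            throw new RuntimeException("$path is not owned by the script's user");
        }
        if (($st['mode'] & 0077) !== 0) {
            throw new RuntimeException("$path is accessible to group or others");
        }
        $cfg = parse_ini_string(stream_get_contents($fh), false, INI_SCANNER_RAW);
    } finally {
        fclose($fh);
    }
    if (!is_array($cfg) || !isset($cfg['user'], $cfg['password'])) {
        throw new RuntimeException("$path lacks user/password entries");
    }
    return $cfg;
}

// Constructed demo: the same file, first world-readable, then owner-only.
$path = tempnam(sys_get_temp_dir(), 'dbcred');
file_put_contents($path, "user = appuser\npassword = constructed-sample\n");
foreach ([0644, 0600] as $mode) {
    chmod($path, $mode);
    try {
        $cfg = load_db_credentials($path);
        printf("%04o: loaded credentials for %s\n", $mode, $cfg['user']);
    } catch (RuntimeException $e) {
        printf("%04o: refused (%s)\n", $mode, $e->getMessage());
    }
}
unlink($path);
```

If the web server runs every user's scripts under one shared account, the ownership check still passes for any file that account owns, so the check only separates users when each script runs under its own uid.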