Re: My rant about unix home directories
- From: Sandman <mr@xxxxxxxxxxx>
- Date: Sat, 29 Apr 2006 22:25:19 +0200
In article <1146331981.634291.288790@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
"Chung Leong" <chernyshevsky@xxxxxxxxxxx> wrote:
Pointless rant. In a typical set up the database server isn't
accessible to the outside world, so the risk of exposure through a
misconfigured web server isn't that unreasonable to take. The database
login/password is only useful to someone who can access the
database--i.e. another account on the same server. Putting your config
file your home directory does not prevent him from reading it.
See another one of my posts in my thread here, where this actually
happened. A user gained access to my MySQL server through a
user/passwd file kept outside the web scope, using the web servers
granted connection to the database. :)
--
Sandman[.net]
.
- References:
- My rant about unix home directories
- From: Jamie
- Re: My rant about unix home directories
- From: Chung Leong
- My rant about unix home directories
- Prev by Date: Re: My rant about unix home directories
- Next by Date: Re: to optimize a select join
- Previous by thread: Re: My rant about unix home directories
- Next by thread: Re: My rant about unix home directories
- Index(es):
Relevant Pages
|
