On 10/22/05 19:57, Uwe Dippel wrote:
This is what I do: chrooted Apache, PHP, MySQL. User directories are in
/var/www/users; softlinked to HOME/public_html.
Problem: Running some php-mysql applications somewhere in /var/www/.
These do work, but they need some config files containing mysql usernames
and passwords for the databases. And these need at least xx4 permissions;
xx0 will not permit those files to be read by apache / mysql / php.
Forgive me if I am overlooking sth obvious, but why don't you use group
permissions?
But once these have permissions of 'r' for world, the other local users
can go and read those just as well; across their access to /var/www/users.
Now I am looking for a pointer how to prevent that. I went through the
archives and searched Google, but have no good idea on search terms in
this case.
TIA,
Uwe
--
Don't fix it if it ain't broke.
