My basic problem is that I need for mod_perl scripts to get to a
database password and an encryption key. I would like to be able to
store these in a file not-readable by the apache user. I've got them
out of the web tree already, but I would really like to make them
inaccessable to the web-server user period. I'm really just looking
for some thoughts as to how/where I could store these safely. Its only
a couple strings.
One idea I am starting to tinker with, and will, as soon as my
isp gets the router rebooted :)
If I have a module that gets loaded by my startup.pl script (with use
myModule statement) is that happening as root?, or as the web-server
user? This would be my specific question. I am thinking that having
the module read the values from a config file and make them globals for
the module. That seems like it should work.
I understand that mod_perl couldn't be setuid'd since it runs as
part of the apache process. Not sure how else to access files you
don't want the web server user to read. Thats what I would have done
before becoming moded (and now I can't seem to stand not having
persistent db connections and that massive speed boost of Registry
anymore). Any thoughts/links/etc would be useful.
--
Wade Burgett
Burgett Systems
http://www.burgettsys.com/
[EMAIL PROTECTED]
