Mangled from our httpd.conf <VirtualHost 172.16.0.xx> User clientsite Group clientsite AddHandler cgi-script cgi pl <Directory /home/client/clientsite/clientsite/clientsite> Options +ExecCGI </Directory> ScriptAlias /cgi-bin/ /home/client/clientsite/clientsite/cgi-bin/ ServerAdmin [EMAIL PROTECTED] DocumentRoot /home/client/clientsite/clientsite ServerName www.clientsite.com </VirtualHost>
On Mon, 6 Jan 2003, Larry Brown wrote: > Date: Mon, 6 Jan 2003 17:44:45 -0500 > From: Larry Brown <[EMAIL PROTECTED]> > To: MySQL List <[EMAIL PROTECTED]> > Subject: RE: Hiding the password > > It's not as easy as that unless there is something I'm unfamiliar with. > There are scripts that will help chroot but it isn't just making an entry in > httpd.conf. It does keep everyone totally separate though. As a shell user > your / is actually some subfolder on the server. Your folders under / are > yours and only yours. The sys admin can give or take away ls from your bin > and so on. > > Larry S. Brown > Dimension Networks, Inc. > (727) 723-8388 > > -----Original Message----- > From: Mark [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 06, 2003 5:39 PM > To: Larry Brown; MySQL List > Subject: Re: Hiding the password > > I think we must be at cross-purposes. I thought you were talking about > individual <VirtualHost></VirtualHost> sections. That would have been a > wonderful thing. Feasible too, perhaps. The Apache parent ("root"), could > prefork its children, one for each <VirtualHost></VirtualHost> running as > its own user (to which all requests for that vhost are handled). > > It would certainly take care of a whole lot of security issues. > > - Mark > > > ----- Original Message ----- > From: "Larry Brown" <[EMAIL PROTECTED]> > To: "MySQL List" <[EMAIL PROTECTED]> > Sent: Monday, January 06, 2003 11:07 PM > Subject: RE: Hiding the password > > > > Check out the explination of chroot from the following url.. > > > > http://www.tcu-inc.com/Articles/23/chroot.html > > > > This is an article about doing more than an apache solution but it > > explains chroot. This is the best model I know of. I read that it is being > > used less often than in the past so there may be some other methods > > that are more prevalent now but this is one definite working solution. > > > > Larry S. Brown > > Dimension Networks, Inc. > > (727) 723-8388 > > > > -----Original Message----- > > From: Mark [mailto:[EMAIL PROTECTED]] > > Sent: Monday, January 06, 2003 4:48 PM > > To: William R. Mussatto; Octavian Rasnita > > Cc: Larry Brown; MySQL List > > Subject: Re: Hiding the password > > > > ----- Original Message ----- > > From: "William R. Mussatto" <[EMAIL PROTECTED]> > > To: "Octavian Rasnita" <[EMAIL PROTECTED]> > > Cc: "Larry Brown" <[EMAIL PROTECTED]>; "MySQL List" > > <[EMAIL PROTECTED]> > > Sent: Monday, January 06, 2003 7:07 PM > > Subject: Re: Hiding the password > > > > > > > Its possible to configure a single virtual host to run as a > > > different user and group. > > > > Oh?? This is entirely new to me. :) Please, enlighten me. > > > > - Mark > > > > --------------------------------------------------------------------- > Before posting, please check: > http://www.mysql.com/manual.php (the manual) > http://lists.mysql.com/ (the list archive) > > To request this thread, e-mail <[EMAIL PROTECTED]> > To unsubscribe, e-mail <[EMAIL PROTECTED]> > Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php > Sincerely, William Mussatto, Senior Systems Engineer CyberStrategies, Inc ph. 909-920-9154 ext. 27 --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
