On Tue, 3 Aug 1999, pgsql-admin-digest wrote:
>
>Date: Tue, 03 Aug 1999 19:08:43 -0400
>From: Lamar Owen <[EMAIL PROTECTED]>
>Subject: Re: [ADMIN] How to set up users etc for Web access?
>
>> Gary Robertson wrote:
>[snip]
>
>> We are setting up a Web site using pgsql. I am unsure of which users I
>> should set up, & who should own the html & php3 files in our directory
>> etc.
>
>[snip]
>
>While I use AOLserver and not apache+php3, the concepts are similar:
>
>1.) The httpd run user (which should not be root, but some unprivileged
>account, such as 'webserver' (in my case, it's actually 'aolserver'))
>should own all html and php files necessary, with perms of 600 or 700.
>
No way I would ever(!) do this. If your http daemon can modify
the files it should only be serving, and the daemon is "php aware"...
*shudder*
Here's an example situation that I consider reasonable:
Webserver runs as it's own uid, say "nobody"
Create some other unix account to admin the interface files, say "www"
or "webmaster"
"www" owns, and is the only user able to edit the files in the
interface. The files are at least readable by user "nobody"
Same thing with the database, you create the schema with one user, say
"pgsql". Then you grant the least priviledges necessary to the user
that the webserver is running as.
Of course this assumes you have strict control over who is putting
databases and php interfaces on your box, a way around that would be
to run a separate webserver under a different uid for your database
application.
My $.02.
-Mark
>2.) You should run a 'createuser ${HTTPD_RUN_USER}', making sure NOT to
>give that user an special privileges (such as create user, create table,
>or superuser). Of course, substitute the actual httpd run user up
>there...
>
>3.) You may or may not want the HTTPD_RUN_USER to actually own the
>tables in question -- however, you will have to GRANT the perms desired.
>
>In the case of AOLserver, the connections from the aolserver process
>(nsd) are pooled and are made with the userid of 'aolserver'. For
>AOLserver, all files the nsd process (singular, since AOLserver is
>multithreaded) accesses are owned by 'aolserver' and chmod'd 600.
>AOLserver uses a tcl API -- those files (*.tcl and *.adp) are also
>chmod'd 600, as AOLserver does its own interpreting -- php may need
>execute permission; I don't know.
>
>HTH
>
>Lamar Owen
>WGCR Internet Radio
>
