Can anyone think of any downside to this idea?
Set Apache to run as user/group "www:www"
Set ownership of PHP files and folders to "www:www"
And set permissions to 700
So that ONLY Apache can read them.
Now - even if I give someone shell access to my box, or someone finds my
personal login password, they still can't read my PHP passwords to MySQL.
(Of course I'd have to be user "www" when uploading changes/files to the
website.)
Any other paranoid people tried this?
Any downside to it?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
