On Friday, June 28, 2002, at 09:30 AM, Jonathan Rosenberg wrote:
> Let's say I am in a shared server environment & the provider does
> NOT have safe_mode turned on. In that case, it seems to me that
> it is "insecure" to keep "secrets" (e.g., DB passwords) in a PHP
> file that is executed by the server.
> I say this because any other users of that shared host can read
> the PHP file & obtain the secret. There does not seem to be any
> way around this (once again, I am assuming safe_mode is NOT
> turned on).
Think about it in terms of the permissions on the file. The people who
can read this file are explicitly defined in your permissions.
The catch-22 is that the web server is usually not run as root, so it
doesn't automatically get to see your files -- you need to give it
permission to read them just as you would any other user. In a shared
system, if you give "others" permission to read the file, the web server
user can now read the file, but so can everyone else.
However, if there were some way for you to change the group association
of the file to, say, the "websecret" group, then you could close off
the read permissions of "others" on that file. As long as the web server
is a member of "websecret", and you grant read permissions to the group
for that file, then the web server can read it.
The trick is that in order to change the file's group association to
"websecret", you probably need to be either root or a member of
"websecret", unless the system admins have provided some kind of script
that does this on your behalf. Which means that anyone else who has
this ability can read the file too (since they are a member of
It's tough. Shared hosting security is a difficult issue.
Web Developer Temp
Media Lab, H.H. Brown
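The permission scheme the reply describes (owner read/write, group read, nothing for "others", with the file's group set to the web server's group), as an added shell example that is not part of the original thread. The group name "websecret", the config file name and the password value are constructed for the demonstration; on a real host the group would be whatever the web server actually runs as, and changing the file's group still needs root or membership in that group, exactly as the reply notes.

```sh
#!/bin/sh
# Added example, not from the original mailing-list post.
# Shows the "chgrp to the web server's group, chmod 640" arrangement and
# a check that "others" can no longer read the file.

# Symbolic mode string of a file, e.g. "-rw-r-----" (POSIX ls, first 10 chars).
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# True (exit 0) if the group-read bit is set.
is_group_readable() {
    [ "$(ls -ld "$1" | cut -c5)" = "r" ]
}

# True (exit 0) if the others-read bit is set, i.e. every local user can read it.
is_world_readable() {
    [ "$(ls -ld "$1" | cut -c8)" = "r" ]
}

# Restrict a secrets file to owner rw + group r (mode 0640) and, if a group is
# given, try to hand the file to that group. chgrp fails unless the caller is
# root or a member of the target group, so that failure is reported, not hidden.
# Prints the resulting mode string.
restrict_secret_file() {
    file=$1
    group=$2
    chmod 640 "$file" || return 1
    if [ -n "$group" ]; then
        chgrp "$group" "$file" 2>/dev/null \
            || echo "note: could not change group of $file to $group (need root or membership)" >&2
    fi
    mode_of "$file"
}

# Demonstration with a constructed PHP config file in a temporary directory.
# Returns 0 when, after hardening, "others" have no permission bits at all.
demo() {
    tmp=$(mktemp -d)
    cfg="$tmp/config.inc.php"
    printf '<?php $db_password = "CONSTRUCTED-EXAMPLE-PASSWORD";\n' > "$cfg"
    chmod 644 "$cfg"                      # the insecure starting point: world-readable
    before=$(mode_of "$cfg")
    after=$(restrict_secret_file "$cfg" "websecret")   # "websecret" is an assumed group name
    echo "before: $before"
    echo "after:  $after"
    rm -rf "$tmp"
    [ "$(echo "$after" | cut -c8-10)" = "---" ]
}

demo
```

Run it as the account that owns the PHP files; the "after" line should read `-rw-r-----`. The remaining piece, which no chmod can provide, is that the web server process must actually belong to the file's group, which on shared hosting is what the reply says requires the administrator's help.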
PHP General Mailing List (http://www.php.net/)