I have some what of a security issue that I can't seem to solve. I run php4 and MySQL on a FreeBSD server with Apache 1.3 as the webserver and have users that I allow access to there personal database. (example: user johndoe uses database johndoe). I can configure "johndoe" so he can only have access to his database and tables with in his database however they can still use MySQL functions like mysql_list_db to see all databases. They can't alter or read them, but it seem to me being able to display all database names could cause a problem. Has anyone had this same problem, and if so is there a way to stop any php user with a mysql account to view all database? Help Please, Thanks! [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
