On Sat, Apr 07, 2001 at 02:59:06PM +1000, John Ferlito wrote:
> The start of most of my index.epl's look something like this
>
> $data_source = "dbi:Pg:dbname=$db_name";
> $username = "user";
> $password = "password";
> $dbh = DBI->connect($data_source, $username, $password) or die "Couldn't
> connect to db $DBI::errstr";
>
> now because the whole point of mod_perl, well one of them, is that there
> is just one perl process it runs on my box as www-data. ie you can't do
> any fancy su-exec stuff.
>
> This means that index.epl who is say owned by user johnf has to be
>
> -rw-r--r-- 1 stats stats 6458 Apr 7 12:52 index.epl
>
> ie world readable so the webserver can open it. Hence the problem
> everyone can see the db password.
ok, i'm only replying to this because you haven't said that
you've tried this yet, and because you haven't said that you
can't do this ..
is there a problem doing
chgrp www-data index.epl
chmod 664 index.epl
?
i figured you would have already thought of this and found it
inadequate for some reason, but hey ...
--
#ozone/algorithm <[EMAIL PROTECTED]> - trust.in.love.to.save
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
