I think I lost track of the original thread :) There are a few scenarios where midgard-lite is useful [a] where you dont have any access to the server except ftp/phpmyadmin (bare bones hosting) [b] where you have access to the server, but not root access (standard hosting service) [c] where you have a win32 [d] where you dont want to use mysql
as far as security in [a] - midgard lite's security is about as good as it's going to get :) - it is possible to hack mysql if you have login access to the server. (eg. a midgard password). as far as [b] and [d] goes the answer may lie with srm: http://www.vl-srm.net/ - this would probably solve alot of these issues (and a few more)... [c] - would have to wait for srm to be available.. ---- The general security issue is that midgard (by design) allows you to upload scripts (php) into the database and then execute them - this means that anybody who can upload php can gain access to the file system - which has the midgard lite scripts on... (as there is no different 'run level') between midgard-lite and the running script. (they all run as either the apache user, or in a phpcgi-wrap enviroment, the local user) Technically this is solved by midgard by running php in safe mode for file access (and using the open_basedir) otherwise the user can read the apache/httpd.conf file or midgard-conf which contains the password! eg. php open_basedir /var/www/files/ *heh - how about changing the default installed midgard-data.conf to add those lines????? regards alan Dennis Gearon wrote: >I'll have to do a lot of reading of files to get this, obviously. I am >still not clear what user the PHP scripts run as on a linux box now, >anyway. > >Matthias Englert wrote: > >>>I guess the hole is in the execution of the uploaded >>>php files, huh? >>> >>huh? I wasn't clear enough. I don't care about people which have >>permission to upload php files. I mean write access in midgard, not on >>the server. >> >>Matthias >>ps: Alan can explain it a lot better than me. It sounded very clear to >>me when he told me about this. :-) >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
