If php is called as a cgi then it can be run setuid via suexec anyway.
What I was looking for was a way to provide some information preload
during the time when apache is still root for the php3 module, since
modules run as www-data.
There was another suggestion for running several instances of
Hello
> Is there a way in which I can store some data (eg. mysql passwords) safely
> from other users on a website and retrieve it from php3/4?
There exists a patch that allowes apache to run every virtual host in
a seperated chrooted environment under a different UID.
This involves that php has t
On Wed, Jun 07, 2000 at 08:20:39PM +0200, Robert Varga wrote:
>
>
> On Wed, 7 Jun 2000, Sean 'Shaleh' Perry wrote:
>
> >
> > On 07-Jun-2000 Robert Varga wrote:
> > >
> > > That is not the same problem. When I refer on users, they are meant as
> > > system users on the webserver, not web visito
Unfortunately we are serving only web- and mail services currently and we
don't have an ip-block, only one server.
Regards,
Robert Varga
On Wed, 7 Jun 2000, Sean 'Shaleh' Perry wrote:
> >> apache runs as the vhost user. One apache daemon group per v host.
> >>
> >
> > Nope. It may be true f
>> apache runs as the vhost user. One apache daemon group per v host.
>>
>
> Nope. It may be true for ip-based virtual hosts, but surely not for
> namebased virtual hosts.
>
we ran IP based, I assumed most people did, sorry.
Guess you just have to cross your fingers and hope.
On Wed, 7 Jun 2000, Sean 'Shaleh' Perry wrote:
>
> On 07-Jun-2000 Robert Varga wrote:
> >
> >
> > On Wed, 7 Jun 2000, Sean 'Shaleh' Perry wrote:
> >
> >>
> >> On 07-Jun-2000 Robert Varga wrote:
> >> >
> >> > That is not the same problem. When I refer on users, they are meant as
> >> > syst
On 07-Jun-2000 Robert Varga wrote:
>
>
> On Wed, 7 Jun 2000, Sean 'Shaleh' Perry wrote:
>
>>
>> On 07-Jun-2000 Robert Varga wrote:
>> >
>> > That is not the same problem. When I refer on users, they are meant as
>> > system users on the webserver, not web visitors.
>> >
>> > What I need is a
On Wed, 7 Jun 2000, Sean 'Shaleh' Perry wrote:
>
> On 07-Jun-2000 Robert Varga wrote:
> >
> > That is not the same problem. When I refer on users, they are meant as
> > system users on the webserver, not web visitors.
> >
> > What I need is a way to provide separate mysql databases to all
> >
On 07-Jun-2000 Robert Varga wrote:
>
> That is not the same problem. When I refer on users, they are meant as
> system users on the webserver, not web visitors.
>
> What I need is a way to provide separate mysql databases to all
> virtualhosts and webserver users, without a possibility for them
That is not the same problem. When I refer on users, they are meant as
system users on the webserver, not web visitors.
What I need is a way to provide separate mysql databases to all
virtualhosts and webserver users, without a possibility for them to access
each other's databases.
Regards,
Rob
On Wed, 7 Jun 2000, Sean 'Shaleh' Perry wrote:
>
> On 07-Jun-2000 Robert Varga wrote:
> >
> > Is there a way in which I can store some data (eg. mysql passwords) safely
> > from other users on a website and retrieve it from php3/4?
> >
>
> include the files from your script. The file can be
On 07-Jun-2000 Marcin Kurc wrote:
> I might be wrong but ...
> If you have users on your server, and they are able to run web pages,
> one can write a php3/4 script to include the file with passwds for example
> and
> make use of it.
>
they have to be able to read certain files, a well confige
I might be wrong but ...
If you have users on your server, and they are able to run web pages,
one can write a php3/4 script to include the file with passwds for example and
make use of it.
On Wed, Jun 07, 2000 at 10:51:00AM -0700, Sean 'Shaleh' Perry wrote:
>
> On 07-Jun-2000 Robert Varga w
On 07-Jun-2000 Robert Varga wrote:
>
> Is there a way in which I can store some data (eg. mysql passwords) safely
> from other users on a website and retrieve it from php3/4?
>
include the files from your script. The file can be elsewhere, the server just
has to be able to get to it.
14 matches
Mail list logo
