[olug] protecting MySQL password on multi-user system
djweis at internetsolver.com
Thu Apr 27 01:49:02 UTC 2006
Eric P wrote:
> Phil Brammer wrote:
>>On Tue, Apr 25, 2006 at 06:48:10PM -0500, Eric P wrote:
>>>It looks like apache is being run under the user name 'noname'. Does that make sense?
>>>However, it won't let me chgrp or chown to 'noname'
>>>$ chown noname file.php
>>>chown: changing ownership of `testing': Operation not permitted
>>Umm... What did you change in the above text? You are chown'ing file.php, but the error message references a filename of "testing." Make sure you are root.
> Opps... I changed 'testing' to 'file.php' just for the email.
> As I said in the beginning of this thread, it's a multi-user Linux system, so I don't have root perms.
On most/all Unix systems from the last 20 years, you can't do file
giveaways like that as a non-root user. The reasoning is that you could
change ownership to other people so it counts against their quota on the
system but they can't get to it.
More information about the OLUG