[olug] protecting MySQL password on multi-user system

Eric P eric.maillist at gmail.com
Wed Jun 7 04:07:42 UTC 2006


I own the file.  We discussed (earlier in the thread) that a user cannot change a file's ownership to different users in
UNIX because you could negatively affect other user's disk space quotas w/o their knowledge, etc.  I actually tried it
already on this system, but it didn't work anyhow.

Eric

Don Kauffman wrote:
> Just out of curiosity, who  is the owner and group of the .htaccess
> file? You might need to change those to apache or whatever user you have
> apache set up as. Just thinking out loud here!
> 
> DonK.
> 
> On Sun, 2006-06-04 at 11:25 -0500, Eric P wrote:
> 
>>Trent Melcher wrote:
>>
>>>OK, is the web_root directory under your home directory?  Is it yours and
>>>yours only web directory?  If so then you could try it this way.
>>>
>>>Put a .htaccess file into your web_root directory, add these 2 values
>>>
>>>SetEnv DBUSER mysqluser
>>>SetEnv DBPASS mysqlpass
>>>
>>>PHP will get these variables passed in the $_SERVER superglobal as
>>>$_SERVER['DBUSER'] and $_SERVER['DBPASS'].
>>>
>>>Then add this to your php code.
>>>
>>>$handle = mysql_connect('localhost', $_SERVER['DBUSER'], $_SERVER['DBPASS'])
>>>or die(mysql_error());
>>>
>>>If this Multi-User system has everyone using the same web_root directory,
>>>then there really isn't a good way to look it down so nobosy else can use
>>>your password file.
>>>
>>>
>>>
>>>Trent
>>
>>Sorry for the LATE reply.  I finally took a moment to try this.
>>
>>Yes, the web directory is ours alone.
>>
>>I just tried this out.  Thanks for sharing this tidbit... didn't know you could set global vars like this.
>>
>>I was able to stick the .htaccess file in webroot or even one below webroot and then retrive my global vars.
>>
>>However, I've still have a problem in that if the perms on this file aren't 644 (world readble), Apache cannot access
>>this file; I get 'Forbidden - You don't have permission to access /test.php on this server.'  test.php is merely the
>>file trying to echo the global var.
>>
>>Hmph....
>>
>>Thanks all the same.
>>Eric.
>>_______________________________________________
>>OLUG mailing list
>>OLUG at olug.org
>>http://lists.olug.org/mailman/listinfo/olug
> 
> 
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
> 




More information about the OLUG mailing list