[olug] protecting MySQL password on multi-user system
Phil Brammer
olug at wjjeep.com
Thu Jun 8 13:07:51 UTC 2006
On Tue, Jun 06, 2006 at 11:07:42PM -0500, Eric P wrote:
> I own the file. We discussed (earlier in the thread) that a user cannot change a file's ownership to different users in
> UNIX because you could negatively affect other user's disk space quotas w/o their knowledge, etc. I actually tried it
> already on this system, but it didn't work anyhow.
>
> Eric
Please run this in /etc/httpd/conf or wherever your apache config file resides:
$ grep ^User httpd.conf
User apache
$ grep ^Group httpd.conf
Group apache
The file you create will HAVE to be readable by at least the group listed in your output.
As Don stated, you'll have to change the owner or group of your file to the listed user/group in httpd.conf for Apache. Otherwise, you are correct, world-readable is the only way to go for you.
Kind of tough to run a secure Web server the way you want without at least sudo access.
Phil
More information about the OLUG
mailing list