Shell script containing passwords.
Jez Hancock
jez.hancock at munk.nu
Tue Feb 10 08:35:52 PST 2004
On Tue, Feb 10, 2004 at 04:06:37PM +0000, Lewis Thompson wrote:
> On Tue, Feb 10, 2004 at 03:56:08PM +0000, Peter Risdon wrote:
<snip>
> > Not that I know of, but have you considered compiling apache with
> > suexec? Assuming your other users have seperate logins, this might work.
> > You can have apache execute scripts as the appropriate user, not www.
> > That way, a 700 permission should prevent other users from reading your
> > scripts.
>
> I read some stuff about this. I got the impression it required using
> PHP as a CGI, instead of mod_php. Am I wrong in thinking this? The
> overhead of using PHP as CGI is a little too high because the server is
> already pretty stretched...
Have a look at /usr/ports/www/suphp - be warned though, last time I
looked at it the checks it uses to ensure UID 0 scripts aren't executed
did not work correctly on FreeBSD.
One slightly more complicated option is to rearrange your user/group
permissions on a server-wide basis - there's a detailed description in
this post:
http://lists.freebsd.org/pipermail/freebsd-questions/2003-August/014731.html
HTH
--
Jez Hancock
- System Administrator / PHP Developer
http://munk.nu/
http://jez.hancock-family.com/ - Another FreeBSD Diary
http://ipfwstats.sf.net/ - ipfw peruser traffic logging
More information about the freebsd-questions
mailing list