[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: secret data for php pages

On Wed, 7 Jun 2000, Sean 'Shaleh' Perry wrote:

> On 07-Jun-2000 Robert Varga wrote:
> > 
> > That is not the same problem. When I refer on users, they are meant as
> > system users on the webserver, not web visitors.
> > 
> > What I need is a way to provide separate mysql databases to all
> > virtualhosts and webserver users, without a possibility for them to access
> > each other's databases.
> > 
> each v host gets a user, the web daemon runs as that user.  The mysql passwds
> are in a file that that user can read.  Only people who can learn it are other
> members of the v host.

No, that is only true if it is a cgi. Apache modules don't change uid-s.
They always run as set globally in httpd.conf, by default www-data, and
you cannot override it for virtual hosts.

What you can override is running cgi-s or exec-s from SSI-s. The User /
Group override for virtual hosts is only for cgi-s run in that virtual

PHP is an apache module on our site, and if it was run from a cgi
(php3-cgi package) then performance would decrease due to 
  1. not having persistent connections 
  2. having to load the php interpreter on every request for every php


Robert Varga

Reply to: