Re: secret data for php pages

[Will Trillich <trillich@speedex.net>]

On Wed, Jun 07, 2000 at 08:20:39PM +0200, Robert Varga wrote:
> 
> 
> On Wed, 7 Jun 2000, Sean 'Shaleh' Perry wrote:
> 
> > 
> > On 07-Jun-2000 Robert Varga wrote:
> > > 
> > > That is not the same problem. When I refer on users, they are meant as
> > > system users on the webserver, not web visitors.
> > > 
> > > What I need is a way to provide separate mysql databases to all
> > > virtualhosts and webserver users, without a possibility for them to access
> > > each other's databases.
> > 
> > each v host gets a user, the web daemon runs as that user.  The mysql passwds
> > are in a file that that user can read.  Only people who can learn it are other
> > members of the v host.
> 
> No, that is only true if it is a cgi. Apache modules don't change uid-s.
> They always run as set globally in httpd.conf, by default www-data, and
> you cannot override it for virtual hosts.

from left field, here...

how about running separate apache's, each under its own
uid/gid--one set for each server?

maybe something as explained by Stas for multiple developers on one machine in
http://thingy.kcilink.com/modperlguide/control/Starting_a_Personal_Server_for_E.html
?

just an idea...