[Pmwiki-users] Wiki Article in IX
Thomas -Balu- Walter
Fri Apr 2 05:42:31 CST 2004
On Wed, Mar 31, 2004 at 05:49:06PM -0500, Reimer Behrends wrote:
> Example: To access a MySQL database from PHP, Perl, or some other
> scripting language, you need the password to connect. Because the script
> runs with Apache's permission, the file containing the password must be
> readable using the Apache uid. Because of that, _any_ script running
> under Apache can retrieve the password. The only way around that is to
> make the script setuid in some form (using suexec, cgiwrap, FastCGI, or
> some other approach), which carries its own risks. PHP safe mode will
> not help, because you can just use a Perl script (assuming that CGI is
> allowed) to access the file, anyway.
AFAIK Apache 2 lets you have a different UID for each virtual host.
(Read it somewhere and always wanted to test it :)
More information about the pmwiki-users