[nycphp-talk] Pair Network's "security" model - could it be this bad?
Daniel Convissor
danielc at analysisandsolutions.com
Tue Jun 1 13:28:46 EDT 2004
Hi Jayesh:
In a shared environment, if there are files you MUST keep from being read
(for instance, passwords for database connections, etc) chmod them to be
only readable by you and then configure the scripts that do need database
access to execute as a CGI script. I do this all the time.
One way for ISP's to reduce exposure is to put all users into a group and
have all files on the web server put into that group and set the mask to
make files not readable/writeable/executable by "group" but readable by
"other" so the web server can get to them.
Enjoy,
--Dan
--
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
data intensive web and database programming
http://www.AnalysisAndSolutions.com/
4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
More information about the talk
mailing list