httpd-users mailing list archives

From "Brownridge, Tom" <Brownri...@indtech.edu>
Subject PHP UserDir MySQL Security Puzzle
Date Fri, 21 Jun 2002 17:14:17 GMT

SYSTEM
I am running Apache, RedHat, PHP (mod_php, not CGI) and MySQL with UserDir
set to public_html.

PROBLEM
Users will be using PHP and MySQL to do stuff. The MySQL passwords get
stored in the PHP scripts, and the PHP scripts are world readable (so the
web server can read them). Yes, safe_mode is On, but that doesn't stop them
from ssh-ing to the server and scoping out the filesystem.

BAD IDEA #1
Nobody gets a shell account and there's no FTP. I'm running samba anyway,
and I'll use samba permissions to make them play nice.

BAD IDEA #2
I thought about changing the group on the PHP scripts to apache, but you
have to be root to do that, and I'm not about to go through every
public_html directory on a daily basis looking for new files. I thought
about putting all the users in the group apache - but that would defeat the
purpose in the first place.

BAD IDEA #3
It just seems to me that Apache really doesn't support mod_user + mod_php
and MySQL securely at the same time. I had hoped to find a way to make
Apache change to said user every time it got a request but didn't see any
way to do it. I looked at suEXEC, but I got the impression that it only works
on CGIs. I don't want to run PHP as a CGI, and suEXEC looks like a nightmare
to configure (maybe I'm just chicken).

Any better ideas would be nice, thanks.

Tom Brownridge
Assistant Professor of Computer Science
Indiana Institute of Technology
1600 E Washington Blvd
Fort Wayne, IN 46803
brownridge@indtech.edu
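
The exposure described in the message above can be checked automatically rather than by hand; the following audit is an added example, not part of the original post. It assumes home directories sit under one root such as /home, and the names `audit` and `other_can_reach` are hypothetical.

```python
import os
import re
import stat
import sys

# mysql_connect()/mysql_pconnect() whose third argument is a quoted literal.
CONNECT_RE = re.compile(
    r"mysql_p?connect\s*\(\s*[^,()]+,\s*[^,()]+,\s*(['\"])[^'\"]+\1", re.I)


def other_can_reach(path, top):
    """True if 'other' has search (x) permission on every directory
    from `top` down to the directory holding `path`."""
    d = os.path.dirname(path)
    while True:
        if not os.stat(d).st_mode & stat.S_IXOTH:
            return False
        if os.path.samefile(d, top):
            return True
        parent = os.path.dirname(d)
        if parent == d:          # walked past `top`; treat as not reachable
            return False
        d = parent


def audit(home_root, userdir="public_html"):
    """Return PHP files under <home_root>/<user>/<userdir> that any local
    account can read and that embed a literal MySQL password."""
    findings = []
    for user in sorted(os.listdir(home_root)):
        web = os.path.join(home_root, user, userdir)
        if not os.path.isdir(web):
            continue
        for dirpath, _dirs, files in os.walk(web):
            for name in sorted(files):
                path = os.path.join(dirpath, name)
                if not name.endswith(".php"):
                    continue
                if not os.stat(path).st_mode & stat.S_IROTH:
                    continue     # not world readable
                if not other_can_reach(path, home_root):
                    continue     # a parent directory blocks other users
                with open(path, errors="replace") as fh:
                    if CONNECT_RE.search(fh.read()):
                        findings.append(path)  # report the path, never the secret
    return findings


if __name__ == "__main__":
    for hit in audit(sys.argv[1] if len(sys.argv) > 1 else "/home"):
        print(hit)
```

Run from cron as root, the output is the list of scripts whose embedded MySQL password is readable by every shell account on the host.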
