On 3/10/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Ok, thanks. Now it solved. I am moving the database file to a > directory that writable to others and change the database file > permission to be writable by others. But I think it will be a security > issue. What do you suggest?
If you're worried about other users on the server, the best options for using SQLite are: * Run Apache as your user, not as itself, so that you can keep the database file secure. * Use FastCGI instead, since FastCGI processes usually can be run under your own user account instead of the server's. * Instead of making the file world-writable, make it writable only by Apache. This still means another user's code could alter your DB if they're also using Apache, but it's better than nothing. But ultimately, this is why I don't ever use SQLite in production -- SQLite is certainly handy for development purposes, but the various issues involved with making it writable by the web server are usually enough to make me migrate to a real, server-based DB with fine-grained access controls. -- "Bureaucrat Conrad, you are technically correct -- the best kind of correct." --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
