Wouter van Vliet wrote:

> On zondag 11 juli 2004 20:29, David Arnold wrote:
> 
> > All,
> > 
> > Is httpd.conf secure? Would it be OK to store a password there?
> 
> Depends on how secure you make it yourself. By default, httpd.conf is
> read-only for everybody, and read-write for the root user. If you change the
> read permissions, nobody can read it anymore thus it will be secure.
> 

Another point would be that if you have things in your conf file they can be
visible to the scripts that they pertain to. This may seem obvious but if you
have users running scripts in that same location they can get access to those
passwords and hence so can the users.

Michael Peters
Plus Three

-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Reply via email to