Wouter van Vliet wrote: > On zondag 11 juli 2004 20:29, David Arnold wrote: > > > All, > > > > Is httpd.conf secure? Would it be OK to store a password there? > > Depends on how secure you make it yourself. By default, httpd.conf is > read-only for everybody, and read-write for the root user. If you change the > read permissions, nobody can read it anymore thus it will be secure. >
Another point would be that if you have things in your conf file they can be visible to the scripts that they pertain to. This may seem obvious but if you have users running scripts in that same location they can get access to those passwords and hence so can the users. Michael Peters Plus Three -- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
