ADFH wrote:
Would it be true to say that the current Apache PHP module doesn't
support running PHP scripts as their owners, and that one has to use PHP
in CGI mode for this?
PHP as an Apache module runs as the user that Apache runs as. Typically
"nobody" or "apache".
I use a well known PHP based messageboard on a website I run, and I want
to prevent non-root, non-me access to the file containing my database
password.
I suggest if a file then put it outside Apache's document root or use an
environment variable.
For a perl script, I'd just chmod it 700 with directory given perms 711
- but in PHP 4.3.2rc1, it seems that to reference a file by way of a
relative path, the script must be at least 644 and the directory it's in
755.
My older version of php is quite happy with 700 permissions, unless I've
got this wrong. The owner is the Apache user.
HTH
Chris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
