On Friday, June 28, 2002, at 09:30 AM, Jonathan Rosenberg wrote:
> Let's say I am in a shared server environment & the provider does > NOT have safe_mode turned on. In that case, it seems to me that > it is "insecure" to keep "secrets" (e.g., DB passwords) in a PHP > file that is executed by the server. > > I say this because any other users of that shared host can read > the PHP file & obtain the secret. There does not seem to be any > way around this (once again, I am assuming safe_mode is NOT > turned on). Think about it in terms of the permissions on the file. The people who can read this file are explicitly defined in your permissions. The catch-22 is that the web server is usually not run as root, so it doens't automatically get to see your files -- you need to give it permission to read them just as you would any other user. In a shared system, if you give "others" permission to read the file, the web server user can now read the file, but so can everyone else. However, if there were some way for you to change the group association of the file to, say, the "websecret" group, and then you could close off the read permissons of "others" on that file. As long as the web server is a member of "websecret", and you grant read permissions to the group for that file, then the web server can read it. The trick is that in order to change the file's group association to "websecret", you probably need to be either root or a member of "websecret", unless the system admins have provided some kind of script that does this on your behalf. Which means that anyone else who has this ability can read the file too (since they are a member of "websecret"). It's tough. Shared hosting security is a difficult issue. Erik ---- Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
