[olug] protecting MySQL password on multi-user system

Nick Veys psylence519 at gmail.com
Tue Apr 25 04:48:03 UTC 2006


If you had that file owned by the web server process owner, you could
chmod 400 the file and it should work, and be pretty safe.

On 4/24/06, Eric P <eric.maillist at gmail.com> wrote:
> I'm on a multi-user Linux system running PHP and MySQL.
>
> Whenever I do an SQL query, I include a file just under the web root w/the MySQL username and password.
>
> Even though it's under the web root, I have to keep this file's permission at 644 permissions, or else I get 'permission
> denied'.
>
> Am I missing something here?  I definately don't want this file readable by 'other'.
>
> Any advice for the correct approach to this would be greatly appreciated!
>
> Eric Pierce
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
>



More information about the OLUG mailing list