FUDforum: comp.lang.php » php includes in readable directory

Home » Imported messages » comp.lang.php » php includes in readable directory

Show: Today's Messages :: Polls :: Message Navigator

Re: php includes in readable directory [message #181836 is a reply to message #181835]

Sun, 09 June 2013 14:27

John Anderson
Messages: 2
Registered: June 2013

Karma:

Junior Member

In article <kp1uur$8nj$1(at)dont-email(dot)me>,
Jerry Stuckle <jstucklex(at)attglobal(dot)net> wrote:

> On 6/9/2013 5:39 AM, John Anderson wrote:
>> Hello,
>> I've got a website where the apache directory is available to other
>> users with shell accounts: /var/www/html.
>>
>> If I put something like 'db_login.php' in there with a MySQL password in
>> it, and include it from index.php, then anyone with shell access will be
>> able to read it.
>>
>> So I move it out, but where? Is there a 'standard' place to put stuff
>> like this? /usr/local seems too 'root-like', and I don't really want to
>> put it into my $HOME, and give httpd the right to see in there.
>>
>> Thanks.
>>
>
> Security 101L: Accounts should only have access to what they need.
> Unless they are directly involved in coding the website, they should not
> have access to /var/www/html.
>
> You need to study up on Linux permissions (and perhaps get a Linux admin
> to help you configure you system correctly).

Thanks, but I've administered Solaris for twenty years.

I've just never done any PhP until now.

Report message to a moderator

[Message index]

		php includes in readable directory By: John Anderson on Sun, 09 June 2013 09:39
		Re: php includes in readable directory By: J.O. Aho on Sun, 09 June 2013 10:59
		Re: php includes in readable directory By: Thomas 'PointedEars' on Sun, 09 June 2013 13:11
		Re: php includes in readable directory By: Jerry Stuckle on Sun, 09 June 2013 13:16
		Re: php includes in readable directory By: John Anderson on Sun, 09 June 2013 14:27
		Re: php includes in readable directory By: Denis McMahon on Sun, 09 June 2013 20:09
		Re: php includes in readable directory By: Jerry Stuckle on Sun, 09 June 2013 20:57
		Re: php includes in readable directory By: Fred on Sun, 09 June 2013 15:44

Previous Topic:	There is no more attempt to draw the mind of children
Next Topic:	Re: Using Crystal Reports with PHP

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Wed Feb 19 20:08:15 GMT 2025

Total time taken to generate the page: 0.03936 seconds