[thelist] securing script
Joxn
joxn at vernum.com
Tue Mar 27 12:46:25 CST 2001
Joshua OIson wrote:
> Is this Unix or a Windows system?
It is a Red Hat Linux box running PHP4 and Apache.
Sean German wrote:
> One thing to look into is running your service, process, daemon, whatever
> under a user account created just for that purpose. Then make sure that
> account only has rights to do what you want users of the script to do.
Wouldn't this mean that I need to run PHP as another user?
Or do you mean I should create another user and change ownership of the
single script?
But doesn't this depend on "nobody" (the user Apache is running as)?
TIA,
Joxn
--
|| //\\ \\// |\\|| :: joxn at vernum.com ::
\\|| \\// //\\ ||\\| :: 8053703 ::
More information about the thelist
mailing list