[thelist] Root and .htaccess
Anthony Baratta
Anthony at Baratta.com
Mon Jul 21 19:29:44 CDT 2003
At 05:01 PM 7/21/2003, Elias Griffin wrote:
>Believe me I know there are much better ways of handling site users and
>security issues here and improvements to be made but I want to ask a
>question about a point in time. *Now*... as the system stands which is
>the best practice A or B?
I think you are better served by not limiting yourself A OR B. With a few
extra hours of work you can improve your situation by creating a PHP/Perl
script either web based forms or command line - that does not run as root
and add/removes users to your htaccess file.
You don't need to be root (nor use sudo) to make this work and the changes
now will make your box more secure (e.g. the less people that have root
access the better).
--
Anthony Baratta
President
Keyboard Jockeys
"Conformity is the refuge of the unimaginative."
More information about the thelist
mailing list