Date: Tue, 20 Dec 2005 02:37:00 +0100 From: "Daniel A." <ldrada@gmail.com> To: freebsd-questions@freebsd.org Subject: Fine-tuning access Message-ID: <5ceb5d550512191737u23abdac4ya84a6d0c90e4638d@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Lately, I've been having an itch to get something cleared up. I give out free SSH shell accounts to people I know and to people that I dont know so well, but ask for it. The basic idea is that they get an account on a FreeBSD server that has lots of disk space, a descent CPU, but not such a great internet connection (Sadly). As the happy giver that I am, I also want to provide my users with web-hosting features. Mostly everyone knows that some user will at some point want to set up some kind of PHP+MySQL based web-service, like a bulletin board or a blog. When doing so, they need to enter their password and username to the MySQL server in a config file. For apache running as the www user to read this, the file has to be quite insecurely chmodded. I've thought a possible solution for this: Adding the www user to all my users groups, thus enabling the www user to read all files chmodded with read permissions for group. Are there any drawbacks of this solution? Is there a better solution that I'm not familiar with? Thanks in advance.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5ceb5d550512191737u23abdac4ya84a6d0c90e4638d>