List:General Discussion« Previous MessageNext Message »
From:Van Date:July 20 1999 11:15pm
Subject:Re: user-based authentication
View as plain text  
sinisa@stripped wrote:
> 
> Brighten Godfrey writes:
>  > Am I right in believing that there is no way of securely limiting a mysql
>  > user to logging in from a specific account?  (This is with the latest
>  > version of MySQL on Caldera OpenLinux 2.2).  The issue is that I need a
>  > CGI to connect to the database, so it needs to store a password to connect
>  > with.  I can use Apache's suEXEC module to store the password in a file
>  > readable only by the user that the CGI is run as, but still, this is
>  > rather insecure since the password would be stored unencrypted.  Ideas?
>  >
>  > Thanks very much,
>  > ~Brighten
>  >       ________________________________________________________________
>  >             Brighten Godfrey                   godfreyb@stripped
>  >             http://brighten.bigw.org/           godfreyb@stripped
>  >       ________________________________________________________________
>  >
> 
mod_auth_mysql works awesome.  It's tricky setting it up at first (give
yourself a few hours to work out the synchronization with the mysql
dbase), but once installed; very slick.  Also, make sure you lock down
your standard UNIX security with host.allow/.deny, and don't run
services you don't need.  If people try to crack your web-server, run
crons to back-up your pages somewhere secure and let root make sure they
get updated.  The Web-server only requires microseconds to restart on
even the slowest machines.
My 2 cents.
Van
-- 
=========================================================================
Linux rocks!!!   http://www.dedserius.com
=========================================================================
Thread
user-based authenticationBrighten Godfrey19 Jul
  • user-based authenticationsinisa20 Jul
  • Re: user-based authenticationVan21 Jul
    • Re: user-based authenticationsinisa21 Jul
      • Re: user-based authenticationJohan Isacsson21 Jul
        • Re: user-based authenticationsinisa22 Jul