sinisa@stripped wrote:
>
> Brighten Godfrey writes:
> > Am I right in believing that there is no way of securely limiting a mysql
> > user to logging in from a specific account? (This is with the latest
> > version of MySQL on Caldera OpenLinux 2.2). The issue is that I need a
> > CGI to connect to the database, so it needs to store a password to connect
> > with. I can use Apache's suEXEC module to store the password in a file
> > readable only by the user that the CGI is run as, but still, this is
> > rather insecure since the password would be stored unencrypted. Ideas?
> >
> > Thanks very much,
> > ~Brighten
> > ________________________________________________________________
> > Brighten Godfrey godfreyb@stripped
> > http://brighten.bigw.org/ godfreyb@stripped
> > ________________________________________________________________
> >
>
mod_auth_mysql works awesome. It's tricky setting it up at first (give
yourself a few hours to work out the synchronization with the mysql
dbase), but once installed; very slick. Also, make sure you lock down
your standard UNIX security with host.allow/.deny, and don't run
services you don't need. If people try to crack your web-server, run
crons to back-up your pages somewhere secure and let root make sure they
get updated. The Web-server only requires microseconds to restart on
even the slowest machines.
My 2 cents.
Van
--
=========================================================================
Linux rocks!!! http://www.dedserius.com
=========================================================================
