Deny Access To configuration file using php scripts

From: raT (ratmole_at_gmail.com)
Date: 03/01/05

Next message: David Morel: "Re: Deny Access To configuration file using php scripts"

Previous message: Aditya Deshmukh: "RE: Samba vs NFS"
Next in thread: David Morel: "Re: Deny Access To configuration file using php scripts"
Reply: David Morel: "Re: Deny Access To configuration file using php scripts"
Reply: Marcel Prisi: "Re: Deny Access To configuration file using php scripts"
Reply: Bruce Garlock: "Re: Deny Access To configuration file using php scripts"
Reply: Josh Sholes: "Re: Deny Access To configuration file using php scripts"
Reply: Suramya Tomar: "Re: Deny Access To configuration file using php scripts"
Reply: Joachim Schipper: "Re: Deny Access To configuration file using php scripts"
Maybe reply: Tosoni: "RE: Deny Access To configuration file using php scripts"
Reply: Brent Meshier: "RE: Deny Access To configuration file using php scripts"
Maybe reply: Scott Fagg: "RE: Deny Access To configuration file using php scripts"
Maybe reply: Suramya Tomar: "Re: Deny Access To configuration file using php scripts"
Reply: Igor Plisco: "Re: Deny Access To configuration file using php scripts"
Maybe reply: Server Administration: "Re: Deny Access To configuration file using php scripts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 1 Mar 2005 19:54:12 +0200
To: focus-linux@securityfocus.com

Hello i have a web server and i have a major problem

some of my users are trying to find my pass for my mysql database.

the first thing they do is a
system ('cat /var/www/path to config file');
inside a php script

my problem is to deny this file from being read throu the script since
the apache deamon runs as nobody
and it has to have read permision to the configuration file.

my users have shell acount and can create files in the public_html folder.
any help?
snif!

thanks in advance.

-- 
---
-=|  PrivaCy Is A LiE  |=-

Next message: David Morel: "Re: Deny Access To configuration file using php scripts"

Previous message: Aditya Deshmukh: "RE: Samba vs NFS"
Next in thread: David Morel: "Re: Deny Access To configuration file using php scripts"
Reply: David Morel: "Re: Deny Access To configuration file using php scripts"
Reply: Marcel Prisi: "Re: Deny Access To configuration file using php scripts"
Reply: Bruce Garlock: "Re: Deny Access To configuration file using php scripts"
Reply: Josh Sholes: "Re: Deny Access To configuration file using php scripts"
Reply: Suramya Tomar: "Re: Deny Access To configuration file using php scripts"
Reply: Joachim Schipper: "Re: Deny Access To configuration file using php scripts"
Maybe reply: Tosoni: "RE: Deny Access To configuration file using php scripts"
Reply: Brent Meshier: "RE: Deny Access To configuration file using php scripts"
Maybe reply: Scott Fagg: "RE: Deny Access To configuration file using php scripts"
Maybe reply: Suramya Tomar: "Re: Deny Access To configuration file using php scripts"
Reply: Igor Plisco: "Re: Deny Access To configuration file using php scripts"
Maybe reply: Server Administration: "Re: Deny Access To configuration file using php scripts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]