Results 1 to 6 of 6

Thread: Another group accessing a file, without world readable privs

  1. #1
    Guest

    Another group accessing a file, without world readable privs

    What I am trying to do is I am trying to access a file using php (It's a config file and has passwords and other stuff) and the problem is that I have to somehow allow Apache (It's a module) to access this file... I am not and can not get into the nobody group, and have to somehow allow Apache to see the file, this file is located in the www space and is 744 so this causes a problem, it shouldn't be world readable, writeable, executable, or anything, is there anyway to somehow make this conf file be seen to nobody:nobody with me not being able to access it? It would be best if this method works on Windows or Linux but if it's specific I don't care...

    The reason I ask is I am in a project and there is a conf file which ahs to be read by Apache, this project works on all kinds of servers (since it's PHP) so if it's non-Apache module, that's fine as it runs with the user privs, but if it is mod_php is there a way to make the conf file no world-readable? Thanks everyone!

    EDIT: FYI I put this in Programming because it may have a a programming answer, if you feel it is a Technical question feel free to move it.

  2. #2

    Re:Another group accessing a file, without world readable privs

    I guess the question is if you have good permissions set up where the file is. Being a php config file, a browser will not be able to read it's contents as long as it doesn't output anything. If you are worried about someone being able to cd into the directory and read the contents then you have a bit of a problem that might take a bit more thinking. Hopefully this helps, if not respond with more info.

  3. #3
    Guest

    Re:Another group accessing a file, without world readable privs

    Yes, them cd'ing in and cat'ing the file is the problem, I could do encryption but that's overkill and too complex for the design, this packages is meant to be distributed to people who do and don't use Apache module PHP so it's a bit of a problem getting it set-up so that nobody:nobody could read it, and this is worst case senoria [sic] so root hates you and you have to do it yourself (somehow)

  4. #4

    Re:Another group accessing a file, without world readable privs

    How about it having it's own user? Depending on the functionality of the script it might not be overkill. Also, Zend sells a php obfuscation package that both speeds up execution on the script and makes it pretty much unreadably to anyone.

    Do you have root access on this specific box?

  5. #5
    Guest

    Re:Another group accessing a file, without world readable privs

    I'm working on a SourceForge project, and I am considering worst case scenario situation in which the user tries to install this but root is like the BOFH and he doesn't want to help him.... So I have to assume worst case scenario, root hates you and some jerk at work is snooping around...

  6. #6
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760

    Re:Another group accessing a file, without world readable privs

    Hey vlad!

    Welcome over! (This is schotty from SE).

Similar Threads

  1. Accessing the PC I ssh from... how to?!?!
    By azgs in forum Linux - General Topics
    Replies: 2
    Last Post: 12-01-2007, 01:21 AM
  2. Monitor who is accessing POP
    By datamike in forum Linux - General Topics
    Replies: 1
    Last Post: 12-11-2003, 10:49 PM
  3. Group privs on /var/www/html
    By mcdougrs in forum Linux - General Topics
    Replies: 3
    Last Post: 02-04-2003, 08:40 PM
  4. How to move a user from group to group
    By Compunuts in forum Linux - General Topics
    Replies: 3
    Last Post: 10-01-2002, 04:19 AM
  5. adding users:  own group or common group
    By Blaqb0x in forum Linux - Software, Applications & Programming
    Replies: 2
    Last Post: 05-26-2002, 03:17 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •