Re: password in md5 to connect to mysql instead of clear password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Monday 28 February 2005 18:44, Simon Rees wrote:
> On Sunday 27 February 2005 20:53, Micah Stevens wrote:
> > I think about as safe as you can get is by putting the connection
> > data out of the served directory, somewhere that's not directly
> > accessable, and concentrate on system integrity. (security wise)
>
> A refinement of this technique is available on Unix boxes to which you
> have root access.
> Create a simple program that can read data about passwords etc. from a
> file. Create a file that can be read by the program you've written with
> the 'secrets' you want to keep secure in it. Make this file owned and
> readable only by root.
> Set the program owned by root, executable by everyone and suid.

If you don't need the flexibility of the custom program and would rather 
make use of existing infrastructure:

http://marc.theaimsgroup.com/?l=php-general&m=110137778213700&w=2

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
------------------------------------------
New Year Resolution: Ignore top posted posts

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux