[plug] [OT] Password security with shared web hosting
James Devenish
devenish at guild.uwa.edu.au
Wed Aug 25 21:46:46 WST 2004
In message <Pine.LNX.4.56.0408252126351.20710 at cyllene.uwa.edu.au>
on Wed, Aug 25, 2004 at 09:35:28PM +0800, Denis Brown wrote:
> May not be directly relevant to your situation, but for what it's worth...
> I have a database which needs to be accessed by a C programme.
Thanks for the idea. I categorise this under the 'suexec' category of
activities, which is fine if you can have such set-uid executables. If
your C programme is not already using this mechanism, you might like to
investigate it for its potential to provide enhanced security.
Unfortunately, I imagine the answer to my question is more like what
Cameron suggested: a module that does this "automically" based on file
ownership, thereby protecting users against themselves and their turnkey
solutions.
More information about the plug
mailing list