[prev in list] [next in list] [prev in thread] [next in thread]
List: mysql
Subject: Re: user-based authentication
From: Van <vanboers () server ! dedserius ! com>
Date: 1999-07-20 23:15:56
[Download RAW message or body]
sinisa@cytanet.com.cy wrote:
>
> Brighten Godfrey writes:
> > Am I right in believing that there is no way of securely limiting a mysql
> > user to logging in from a specific account? (This is with the latest
> > version of MySQL on Caldera OpenLinux 2.2). The issue is that I need a
> > CGI to connect to the database, so it needs to store a password to connect
> > with. I can use Apache's suEXEC module to store the password in a file
> > readable only by the user that the CGI is run as, but still, this is
> > rather insecure since the password would be stored unencrypted. Ideas?
> >
> > Thanks very much,
> > ~Brighten
> > ________________________________________________________________
> > Brighten Godfrey godfreyb@bigw.org
> > http://brighten.bigw.org/ godfreyb@cmu.edu
> > ________________________________________________________________
> >
>
mod_auth_mysql works awesome. It's tricky setting it up at first (give
yourself a few hours to work out the synchronization with the mysql
dbase), but once installed; very slick. Also, make sure you lock down
your standard UNIX security with host.allow/.deny, and don't run
services you don't need. If people try to crack your web-server, run
crons to back-up your pages somewhere secure and let root make sure they
get updated. The Web-server only requires microseconds to restart on
even the slowest machines.
My 2 cents.
Van
--
=========================================================================
Linux rocks!!! http://www.dedserius.com
=========================================================================
---------------------------------------------------------------------
Please check "http://www.mysql.com/Manual_chapter/manual_toc.html" before
posting. To request this thread, e-mail mysql-thread7924@lists.mysql.com
To unsubscribe, send a message to the address shown in the
List-Unsubscribe header of this message. If you cannot see it,
e-mail mysql-unsubscribe@lists.mysql.com instead.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic