[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-hackers] problem runnig mysql as "nobody"
From: |
loic |
Subject: |
Re: [Savannah-hackers] problem runnig mysql as "nobody" |
Date: |
Tue, 3 Apr 2001 18:28:43 +0200 |
Guillaume Morin writes:
> Dans un message du 03 avr à 8:12, address@hidden écrivait :
> > The log_accum script is run under the uid of the user. And running
> > a script that allows any user (CVSROOT for each project is writable by
> > the project contributors) to get access to the MySQL database seems
> > dangerous
> > to me.
>
> It depends. We could place a .my.cnf file in every home directory with a
> user and a password. We would just authorize this user to select the
> name and email columns.
>
> That seems pretty secure, but maybe it is overkill.
Seems a bit overkill, yes. Grepping the aliases file is enough
and does not require to maintain tons of files and permissions ;-)
Cheers,
--
Loic Dachary http://www.dachary.org/ address@hidden
24 av Secretan http://www.senga.org/ address@hidden
75019 Paris Tel: 33 1 42 45 09 16 address@hidden
GPG Public Key: http://www.dachary.org/loic/gpg.txt