[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
SuExec/DBI users: how to configure a catalog?
****** message to minivend-users from Mark Stosberg <mark@summersault.com> ******
Hello!
I work at a web hosting firm, and we plann to host multiple Minivend accounts,
using SuExec and DBI for secure access to our Postgres database. I'd
like to inquire what an optimum Minivend SuExec setup is.
I realize if I have the SuExec user and group on the server set run
tlink/vlink (simple.cgi) as "username" then it can't talk to the
minivend server, which runs as mvend, because simple.cgi must be owned
by "username" to run.
Which leads me into a second possible set up, in which the SuExec user
and group are set to "mvend" so simple.cgi can talk to the minivend
server. DBI Authetication information could be kept within each
catalog.cfg file. However, I have concerns that if all clients scripts
are being run as "mvend" I may have a security holes with people being
able to get into each others databases. Am I offbase? What are other
SuExec/DBI users doing that works and is secure?
-mark
http://flip.summersault.com
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list
