Hi,
I'm building two dedicated servers on desktop computers to host a large number of phpbb forums (maybe up to 1000). One will handle the php/network issues and the other will run as a mysql server. I'm a bit confused about the permissions issue.
At the moment I'm running PHP4.x and Apache1.3.x but I can change if it would be expedient. Basically I want the system to be as secure as possible. The system would work kinda like an instant forum creator. The user could type in a string ... the system would then check if there is already a database under that name, and if not then it would create a new database.
Now I want a large number of people to be able to use the same database (it's an open forum), but I want to shut permissions down as much as possible ... such that if hacks one database, they don't have the ability to mess with them all.
I'd imagine that this would necessitate a different user for each db, as well as setting safemode on, and possibly basedir set. Could this be done smoothly, or would I have to trawl through the user list and match each database with a user everytime someone logs in ?
What I'm thinking of doing at the moment is having a script on the mysql server which the php server would connect with through SSH. The script would set up the create database and set a user with permissions.
I'm kinda confused as to where the apache systems overriding 'nobody' user to fit in to all of this.
-confused
I'm building two dedicated servers on desktop computers to host a large number of phpbb forums (maybe up to 1000). One will handle the php/network issues and the other will run as a mysql server. I'm a bit confused about the permissions issue.
At the moment I'm running PHP4.x and Apache1.3.x but I can change if it would be expedient. Basically I want the system to be as secure as possible. The system would work kinda like an instant forum creator. The user could type in a string ... the system would then check if there is already a database under that name, and if not then it would create a new database.
Now I want a large number of people to be able to use the same database (it's an open forum), but I want to shut permissions down as much as possible ... such that if hacks one database, they don't have the ability to mess with them all.
I'd imagine that this would necessitate a different user for each db, as well as setting safemode on, and possibly basedir set. Could this be done smoothly, or would I have to trawl through the user list and match each database with a user everytime someone logs in ?
What I'm thinking of doing at the moment is having a script on the mysql server which the php server would connect with through SSH. The script would set up the create database and set a user with permissions.
I'm kinda confused as to where the apache systems overriding 'nobody' user to fit in to all of this.
-confused