encrypted filesystem with apache needing access
what is 'a good/the best' way to go if you want to accomplish:
- data in a webdir (php files) not 'viewable', but accessible by apache to serve webusers.
- data not accessible if you should place the disk physically in a different system
Anyway, you got the point I think.
Data needs to be encrypted, not accessible by end users, only by the original creator of the 'system' who must know the 'ID', 'passphrase', 'key' or whatever..
The bigger problem is that apache needs those .php files to serve 'm to webclients (oh, include mysql files too, but if we can solve 1, we can solve 2 :-))....
Put the PHP files that apache needs in PHP's path (/usr/lib/php or something like that), but outside Apaches document tree.
I think it works! You'll need to put a PHP file in Apaches document tree (obviously - how else will the users get at it?), but use include(file.php) for the others. If you don't put include(./file.php), notice the dot slash, I think PHP's default behaviour is to look in the current document base, and then it's include path.
Re: placing the disk somewhere else, dunno sorry!
|All times are GMT -5. The time now is 02:39 AM.|