Security Issues in Shared Web Hosting Environments
Nowadays you can get some MB of Web space with PHP and CGI scripting on a shared Linux/Unix Web server for a few bucks just about everywhere. But least some of these Web hosters seem to take security lightly.
The problem of course is that all users on a Web host usually share the same Web server process which runs under its own Unix user-id, and therefore all Web pages (including PHP-scripts) have to be world-readable. But if you want to access some database from your PHP scripts you have to store the password for the database somewhere. This password must be readable by the Web server (PHP interpreter) so it must also be stored in a world-readable file. And of course the file containing the password can then also be read by other users (or by other users' CGI scripts).
PHP tries to solve the problem by providing a "safe-mode" that limits a scripts ability to access files with a different owner than the current script's owner. But this doesn't solve the problem if CGI scripts or direct telnet/ssh access is also allowed.
One obvious solution is to put each user in a chroot environment with its own Web server, but this would drastically increase resource consumption on the machine and therefore isn't suitable for reasonably priced Web hosters.
Possible Solution
But, as I think, there is a simpler solution. You don't have to care about file permissions if no one except you and the Web server knows the file name (including the full path). So the only thing you have to do is change the document root from something like /home/user/www to /home/user/www-secret and ensure that the home-directory isn't world-readable (it must still be world-accessible though). Of course, your Web server configuration file must not be world-readable, too.
Resources
