Re: multi-user php setup problem — PHP Programming Language

You are here: Re: multi-user php setup problem « PHP Programming Language « IT news, forums, messages

Posted by Czapi on 02/08/07 09:43

cmk128@hotmail.com wrote:
> My problem is : if user A is uploaded a php file, user A can use php
> to read user B directory. How can i isolate them?
> That mean if there is php file in /phpspace/usera/index.php, how can i
> make it can read the directory phpspace/usera only?

Simply use umask or force files to have specific access rights:

user not in group www,
web server user in group www,
files group: www,
files mode: rw-r----- (640).

Simple - user won't be able to read...

And for a more secure option man chroot (use apaches virtualhost directive).

Safe mode might help as well.

--
Cz.

Navigation:

Next in forum: Re: Dynamically saving HTML containing PHP variables through PHP
Prev in forum: Dynamically saving HTML containing PHP variables through PHP
Thread view: Re: multi-user php setup problem

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация