| 1 |
Hi Angel, |
| 2 |
|
| 3 |
You can try the following: |
| 4 |
|
| 5 |
In your <VirtualHost .... > </VirtualHost> set |
| 6 |
|
| 7 |
php_admin_value open_basedir "/home/sites/g/gentoo.org/"|| |
| 8 |
|
| 9 |
Now all scripts in the vhost is bound to that base directory. |
| 10 |
|
| 11 |
Regards, |
| 12 |
|
| 13 |
Patrick |
| 14 |
|
| 15 |
PS: here's a link to the php.net site about open_basedir: |
| 16 |
http://nl2.php.net/manual/en/features.safe-mode.php#ini.open-basedir |
| 17 |
|
| 18 |
|
| 19 |
Angel Freire wrote: |
| 20 |
|
| 21 |
>Hi, |
| 22 |
> |
| 23 |
>I guess that this has been asking so I just ask for a reference to the a |
| 24 |
>thread where mi question is answer because I can't find it. |
| 25 |
> |
| 26 |
>In this scenario: |
| 27 |
> |
| 28 |
>One webserver that sets Apache User and Group per VirtualHost, with many |
| 29 |
>of these, and each one in a different htdocs of course. |
| 30 |
> |
| 31 |
>If VirtualHost A has some php files with an access mask like 777 (common |
| 32 |
>in hostings) and VirtualHost B 'guess' the VH A full dir it can trough |
| 33 |
>fopen or many other ways open these file. |
| 34 |
> |
| 35 |
>How can I stop users from do that? |
| 36 |
> |
| 37 |
>Thanks, |
| 38 |
>Angel |
| 39 |
> |
| 40 |
> |
| 41 |
> |
Archives