| 1 |
Thanks Patrick and Leon, with that is enought to start the server :) |
| 2 |
|
| 3 |
|
| 4 |
El dom, 20-06-2004 a las 09:14, Patrick Lodder escribió: |
| 5 |
> Hi Angel, |
| 6 |
> |
| 7 |
> You can try the following: |
| 8 |
> |
| 9 |
> In your <VirtualHost .... > </VirtualHost> set |
| 10 |
> |
| 11 |
> php_admin_value open_basedir "/home/sites/g/gentoo.org/" |
| 12 |
> |
| 13 |
> Now all scripts in the vhost is bound to that base directory. |
| 14 |
> |
| 15 |
> Regards, |
| 16 |
> |
| 17 |
> Patrick |
| 18 |
> |
| 19 |
> PS: here's a link to the php.net site about open_basedir: |
| 20 |
> http://nl2.php.net/manual/en/features.safe-mode.php#ini.open-basedir |
| 21 |
> |
| 22 |
> |
| 23 |
> Angel Freire wrote: |
| 24 |
> > Hi, |
| 25 |
> > |
| 26 |
> > I guess that this has been asking so I just ask for a reference to the a |
| 27 |
> > thread where mi question is answer because I can't find it. |
| 28 |
> > |
| 29 |
> > In this scenario: |
| 30 |
> > |
| 31 |
> > One webserver that sets Apache User and Group per VirtualHost, with many |
| 32 |
> > of these, and each one in a different htdocs of course. |
| 33 |
> > |
| 34 |
> > If VirtualHost A has some php files with an access mask like 777 (common |
| 35 |
> > in hostings) and VirtualHost B 'guess' the VH A full dir it can trough |
| 36 |
> > fopen or many other ways open these file. |
| 37 |
> > |
| 38 |
> > How can I stop users from do that? |
| 39 |
> > |
| 40 |
> > Thanks, |
| 41 |
> > Angel |
| 42 |
> > |
| 43 |
> > |
| 44 |
> |
Archives