Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Prevent access shared server using PHP



Le mardi 1 mars 2011, vous avez écrit :
> My concern is about PHP. It's easy to restrict users access to certain
> folders by a good group/permission policy and also ssh-jail them but
> Apache will be the final user of those PHP scripts and Apache user
> doesn't have the same restrictions as a limited user. It can browse
> whatever is browsable for a common generic user.

Apache suexec, PHP as fastcgi and 2 users for each account (1 with write 
access through ftp/ssh, 1 for the fcgi process/apache suexec with read only 
access)

Francois


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links