Hello list,I'm setting up a webserver with php. Here, security is very important, thus I want to use SuExec for running each website as a separate user. I've set up a VirtualHost as:
<VirtualHost *:80> SuexecUserGroup foo foo ServerAdmin foo@xxxxxx DocumentRoot /var/www/www.foo.hu ServerName www.foo.hu </VirtualHost>It seems to be working, when I run a phpinfo file from the site, I can see the custom environment variables for the foo user. All files for the website are owned by the foo user. However, if I set modes for the files to 600, i get 403. I don't see why this is happening, since the pages should be read/run as foo. If I give world read, the page comes back. It is very important to take the world read, however. I'm doing this for a consumer, not for myself, and he complains, that the users can dig in other sites for MySQL passwords, etc, so it is not enough for him, he wants to have these sites running without world read modes.
Could you help me, please? I really don't know what I'm doing wrong... Thanks in advance, Gabor --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|