On Fri, 11 May 2007 23:01:12 -0500 Sam Lavitt <sam@xxxxxxxxxx> wrote: > I am wondernig if apache 2.2 has a means to prevent a user with a > site hosted on the server, from accessing another users files. That's the operating system's business. > (e.g. > I have /hosting/user1, and I don't want him to be able to run a > script to open /hosting/user2/password-file) You mean protect user2 from possible consequences of idiocy? Read up on suexec for scripts. And consider using group permissions. > I read someplace that > there was a mpm for apache 1.3 that would restrict the child threads > spawned for each request to files that could be accessed by a > specific user account, but I can find no such mpm for apache 2.2. An MPM is to 1.3 as a bicycle to a fish. -- Nick Kew Application Development with Apache - the Apache Modules Book http://www.apachetutor.org/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|