Jaqui Greenlees did speak thusly:
Yes, as Nick mentioned, suexec and user/group permissions are the common method for securing the site(s) from this. another option, slightly more hardware intensive is the have each hosted site running as a separate instance of apache chrooted so they do not have any access to the rst of the servers file system.
---------------- End original message. --------------------- That approach is absolutely unnecessary and overly complicated.As I said in my previous reply to this thread, PHP provides such a mechanism that is very easy to use.
Dragon ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Venimus, Saltavimus, Bibimus (et naribus canium capti sumus) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|