On 5/12/07, Dragon <dragon@xxxxxxxxxxxxxxxxxx> wrote:
PHP provides for this directly. There is a restrict_base_dir setting that can be applied to each virtual host that prevents users from accessing anything outside of the specified directory tree.
Unless you happen to be using a library that accesses files on its own and therefore doesn't obey this restriction. Now go count how many libraries are plugged into your php install and see if you can verify the security of each one. It is my understanding that the base_dir and safe_mode restrictions in php are widely known to be unreliable and, in fact, will be removed in future versions. In general, running any apache module with different permissions per request is not technically feasible. This is because the process is the fundamental unit of permission control in unix and apache modules run in the same process as the server. To get real security, you need to put things that run under different permissions in different processes.There are lots of ways to do this, most already suggested in this thread: suexec, fastcgi, etc. You can also run multiple pools of apache processes with different permissions: http://wiki.apache.org/httpd/Recipes/Different_UserIDs_Using_Reverse_Proxy Of course, that will only work for a small number of different userids. If you need to run with hundreds or more vhosts, then php as a CGI under suexec (or similar suid tool) is probably the best solution. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|