-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 12 May 2007, Dragon wrote:
PHP provides for this directly.There is a restrict_base_dir setting that can be applied to each virtual host that prevents users from accessing anything outside of the specified directory tree.
Correct, everybody should be using this in a shared hosting environment, and also to tighten the reins furher should use disable_functions
The one I use and has given us no complaints except for some lame program that wants to know the system uptime stats, which has nothing to do with a user anyway, even if it only wants it for the load, again, nothing to do with user, if the load gets high (above 5 on 15 min avge) we have alarms to let us know.
disable_functions = exec, shell_exec, system, virtual, show_source, readfile, passthru, escapeshellcmd, popen, pclose, phpinfo
- --
Cheers Res Vote for your favourite MTA at http://polls.ausics.net/v3.php -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGRj6fsWhAmSIQh7MRAumRAKCf4eW3oY4sGAfEP0xewn/fZgGR8ACfaJuC KQyQOYmGKCWvUUNNKQ1Dk9w= =0tLW -----END PGP SIGNATURE----- --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|