Re: Re: Apache Security Problem


 



Andre Hübner <andre.huebner@xxxxxx> writes:

> Hi,
>
>>> You can do restrictions of particular options using the technique
>>> shown here:
>>> http://httpd.apache.org/docs/2.2/howto/htaccess.html#how
>
>>>But I have a feeling that there are other ways around your separation.
>>>It depends on exactly the details of how you are running your scripts.
>
>>> Joshua.
>
> I can only repeat: the way the symlink is created is
> irrelevant. With scripting techniques, no reading of other users'
> files is possible (openbasedir/permission denied etc.).

On most Apache configurations, a script written by any user can read
any files that Apache can read.  It runs as the Apache user (usually
apache or httpd), and can read any files accessible to that user.

If you're running something like suEXEC, though, you're right that the
symlinks will be accessed with a different user than scripts, and
could provide access to files they would not otherwise have access to.
Hopefully one of the other suggestions in this thread has allowed you
to restrict symlink following without breaking your .htaccess files.

Good luck!

-----Scott.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
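
An added example, not part of the original message or of Apache itself: an audit that walks one user's document root and reports symlinks that resolve outside it, point at a target with a different owner than the link (the comparison Apache's SymLinksIfOwnerMatch option makes), or dangle. The directory layout, the names alice and bob, and the owner_of hook are assumptions made for illustration.

```python
import os
import tempfile

def audit_symlinks(docroot, owner_of=None):
    """Flag symlinks under docroot that leave it, change owner, or dangle.

    owner_of is a hypothetical hook (path -> uid) so the owner check can be
    exercised without root; by default it uses os.stat().
    """
    owner_of = owner_of or (lambda p: os.stat(p).st_uid)
    root = os.path.realpath(docroot)
    findings = []
    # os.walk lists symlinked directories in dirnames but does not descend into them.
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            link = os.path.join(dirpath, name)
            if not os.path.islink(link):
                continue
            target = os.path.realpath(link)  # resolve chains of links
            reasons = []
            if os.path.commonpath([root, target]) != root:
                reasons.append("outside-docroot")
            try:
                # Same comparison SymLinksIfOwnerMatch makes: link uid vs target uid.
                if owner_of(target) != os.lstat(link).st_uid:
                    reasons.append("owner-mismatch")
            except OSError:
                reasons.append("dangling")  # target may be created later
            if reasons:
                findings.append((os.path.relpath(link, root), target, reasons))
    return sorted(findings)

def build_sample(base):
    """Constructed sample layout: alice's docroot plus a file owned by 'bob'."""
    docroot = os.path.join(base, "alice", "public_html")
    other = os.path.join(base, "bob")
    os.makedirs(docroot)
    os.makedirs(other)
    for path in (os.path.join(docroot, "index.html"), os.path.join(other, "config.php")):
        with open(path, "w") as fh:
            fh.write("sample\n")
    os.symlink(os.path.join(docroot, "index.html"), os.path.join(docroot, "home.html"))
    os.symlink(os.path.join(other, "config.php"), os.path.join(docroot, "peek.txt"))
    os.symlink(os.path.join(base, "missing"), os.path.join(docroot, "old"))
    return docroot, other

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        docroot, _ = build_sample(tmp)
        for rel, target, reasons in audit_symlinks(docroot):
            print(f"{rel} -> {target}: {', '.join(reasons)}")
```

Run against real document roots, the owner check needs no hook; it is injected here only because the constructed sample files all belong to the user running the script.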


