Hello, On 20.04.11 00:47, --[ UxBoD ]-- wrote: > I have noticed that when running Joomla, or in-fact any browsing capable > PHP code, I am able to navigate above my virtual host document root and > look at other virtual host files. > > How would one stop this ? I have taken a look at mod_chroot but that does > not seem to work as ChrootDir can only be used in the main configuration > and not in the VirtualHost directive. just a 1.5 months ago this question was asked and (imho) answered. Usually the PHP scripts are run under the same user apache runs as, so they have the same permissions. You can limit files which can a PHP script access by using PHP directives open_basedir and doc_root. You can run peruses MPM wich apathe 2.2. You can also run PHP as CGI using suexec, but that's a bit ineffective. I don't know how does FastCGI work. -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. (R)etry, (A)bort, (C)ancer --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|