----- Original Message ----- > Hello, > > On 20.04.11 00:47, --[ UxBoD ]-- wrote: > > I have noticed that when running Joomla, or in-fact any browsing > > capable > > PHP code, I am able to navigate above my virtual host document root > > and > > look at other virtual host files. > > > > How would one stop this ? I have taken a look at mod_chroot but > > that does > > not seem to work as ChrootDir can only be used in the main > > configuration > > and not in the VirtualHost directive. > > just a 1.5 months ago this question was asked and (imho) answered. > Usually the PHP scripts are run under the same user apache runs as, > so they > have the same permissions. > > You can limit files which can a PHP script access by using PHP > directives > open_basedir and doc_root. > > You can run peruses MPM wich apathe 2.2. > > You can also run PHP as CGI using suexec, but that's a bit > ineffective. > I don't know how does FastCGI work. > I managed to get Joomla working, kind of, in an Apache 2.2 chroot but then I hit a problem with JDate not working so I raised http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=25870 I have now switched to trying to get SuExec and FCGI working but hitting an issue with: [Fri May 13 08:29:29 2011] [warn] [client XXXXXXXXXXXX] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server [Fri May 13 08:29:29 2011] [error] [client XXXXXXXXXXX] Premature end of script headers: test.php Though will post this as a separate thread. -- Thanks, Phil --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|