Hi, Some times ago I played with exaclty your configuration. If you strace the httpd process you can see that it's searching some files under /usr/share related to date and time. Here an extract of my chroot with files Icopied under my chroot /chroot/usr/share/zoneinfo/Europe/Rome /chroot/usr/share/zoneinfo/zone.tab Hope this helps. Marco On Fri, May 13, 2011 at 9:35 AM, --[ UxBoD ]-- <uxbod@xxxxxxxxxxxx> wrote: > ----- Original Message ----- >> Hello, >> >> On 20.04.11 00:47, --[ UxBoD ]-- wrote: >> > I have noticed that when running Joomla, or in-fact any browsing >> > capable >> > PHP code, I am able to navigate above my virtual host document root >> > and >> > look at other virtual host files. >> > >> > How would one stop this ? I have taken a look at mod_chroot but >> > that does >> > not seem to work as ChrootDir can only be used in the main >> > configuration >> > and not in the VirtualHost directive. >> >> just a 1.5 months ago this question was asked and (imho) answered. >> Usually the PHP scripts are run under the same user apache runs as, >> so they >> have the same permissions. >> >> You can limit files which can a PHP script access by using PHP >> directives >> open_basedir and doc_root. >> >> You can run peruses MPM wich apathe 2.2. >> >> You can also run PHP as CGI using suexec, but that's a bit >> ineffective. >> I don't know how does FastCGI work. >> > > I managed to get Joomla working, kind of, in an Apache 2.2 chroot but then I hit a problem with JDate not working so I raised http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=25870 > > I have now switched to trying to get SuExec and FCGI working but hitting an issue with: > > [Fri May 13 08:29:29 2011] [warn] [client XXXXXXXXXXXX] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server > [Fri May 13 08:29:29 2011] [error] [client XXXXXXXXXXX] Premature end of script headers: test.php > > Though will post this as a separate thread. > -- > Thanks, Phil > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > -- _________________________________________ Non è forte chi non cade, ma chi cadendo ha la forza di rialzarsi. Jim Morrison --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|