On Wed, August 8, 2007 7:52 pm, jekillen wrote: > I have a question about including php files that are outside of > the web server document root. What permission does Apache > use to access files outside of the document root? > Here is the situation: > I want to store sensitive data such as login/pw data for > registered users. I also want to make all the web content > rwx for user nobody (FreeBSD) only. So no ftp access, > no mortal user access, etc. Is it possible to do this in > this situation? Would the Parent Apache process use > its privileges to include a file of this type? > I have texts and other data about storing data out side > the document root, but none go into it in this detail? Apache runs as the "User" setting in httpd.conf If that "User" can rwx the files, then PHP can rwx the files. If not, not. It's that simple. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php