On Aug 8, 2007, at 9:34 PM, Richard Lynch wrote:
On Wed, August 8, 2007 7:52 pm, jekillen wrote:
I have a question about including php files that are outside of
the web server document root. What permission does Apache
use to access files outside of the document root?
Here is the situation:
I want to store sensitive data such as login/pw data for
registered users. I also want to make all the web content
rwx for user nobody (FreeBSD) only. So no ftp access,
no mortal user access, etc. Is it possible to do this in
this situation? Would the Parent Apache process use
its privileges to include a file of this type?
I have texts and other data about storing data out side
the document root, but none go into it in this detail?
Apache runs as the "User" setting in httpd.conf
If that "User" can rwx the files, then PHP can rwx the files.
If not, not.
It's that simple.
Thanks, so if I make the directory and file outside of the document
root owner noboby with rwx for owner only, that will work?
Jeff K
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
