Daniel Kolbo wrote: > > > Shawn McKenzie wrote: >> Daniel Kolbo wrote: >> >>> Hello PHPers, >>> >>> I am quite ignorant about file system security. I was hoping you all >>> could help me understand things. >>> >>> How does one restrict php script from going (reading, writing) files in >>> the file system? >>> As I see it, a php programmer could change the include_path, with >>> ini_set(), use "../" etc..., and browse all the files on the server to >>> which the php engine has access. This would clearly not be acceptable >>> to a web host company, so how do most hosts restrict this kind of >>> behaviour? >>> >>> Now, suppose i only have php access to my 'files' as defined by my host >>> somehow. (again, my first part of the question is how do they do >>> this?). Is it possible for me to further restrict this file >>> accessibility for different sub-folders? Let me provide an example >>> folder hierarchy and user scenario. >>> Suppose there are two php programmers (me and you). I want full access, >>> but I want to restrict you to your subdomain (subdomain2). >>> >>> +AllUsers (me and you) >>> +Domain1 >>> ++Subdomain1 (me only) >>> ++Subdomain2 (me and you) >>> ++SharedDomain (me and you) >>> +ServerFile1 (me only) >>> +ServerFile2 (me only) >>> +SecretFile (no user) >>> >>> Thanks for helping understand how to restrict/limit different php >>> programmers from going into places I'd rather them not go. >>> dK >>> >>> >> >> Two methods come to mind, chroot and just setting perms for specific >> dirs. >> >> > > Hello, > 1) chroot > I don't understand how to specify to the php engine to chroot upon > different scripts being executed (scripts that i don't control). Would > you please clarify? > 2)perms > The php engine is what has access to specific dirs (not users, > scripts,). That i know of, the php engine doesn't allow per user > permissions. That is, it is one engine, one set of perms. Are you > suggesting i have a separate php engine for each user? > > 3) Maybe i can simplify this question: How does a hosting company, in a > shared virtual host server environment, prevent all their clients (php > programmers) from snooping into all the other clients' folders? I am > assuming we are all using the same php engine, as it is a shared apache > host. > O.K. I read and typed too fast. In short, suexec with apache will run a user's scripts as that user so long as php is run as cgi and not the apache mod. Also, virtual hosts in apache define the docroot for a virtual host (user/domain/etc.), so other virtual hosts can't access outside of that docroot into other virtual hosts. So the perms part of my previous reply was related to suexec and chroot was out of my ass because many times you would chroot apache for extra security from the webserver in general. -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
