> Not sure, but I think you should arrange all vhosts under the docroot of > the main server. > > Extract from suexec docs: > > For security and efficiency reasons, all suexec requests must remain > within either a top-level document root for virtual host requests, or > one top-level personal document root for userdir requests. For example, > if you have four VirtualHosts configured, you would need to structure > all of your VHosts' document roots off of one main Apache document > hierarchy to take advantage of suEXEC for VirtualHosts. (Example > forthcoming.) >
I suspected as much - but this seems insecure, as all sites must be in a world-readable location.. while on the subject, does User/Group only control suexec, or does apache take on that user's identity when accessing files? -Justin
signature.asc
Description: This is a digitally signed message part