John Oxley wrote: > has gallery setup on his webpage and the albums directory is chmod > 707'd so that httpd can write to it.
Does that user realize that everybody else on the server can use PHP to write web content to that directory?... Perhaps if a defacement example were demonstrated, he'd move those files out of his web directory, and add in some PHP scripts to read/write the image files with validation-checking, such as using http://php.net/getimagesize to make sure the image file *IS* an image file. > The problem is that httpd creates files as http:group and quota is not > picking up that he is using more disk space than we want him to. One possibility, if you are running Apache 2.0, is to set each PHP user on a directory by directory basis in httpd.conf Or so I've been told. Never done it yet. It cannot (readily) be done in Apache 1.x -- Like Music? http://l-i-e.com/artists.htm _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"