On Thu, Sep 28, 2006 at 05:48:26PM +0200, Joachim Schipper wrote:
> On Thu, Sep 28, 2006 at 12:52:41PM +0200, Joachim Schipper wrote:
> > On Thu, Sep 28, 2006 at 10:55:30AM +0200, Aiko Barz wrote:
> > > The issue: If my users start to install a php-Filebrowser, they are
> > > able to access the other Webdirectories and could read config.php,
> > > because they are doing it with the permissions of the webserver.
> > > Write access would be possible as well, since some parts need to have
> > > write access.

> > suExec + PHP is not feasible for many people, due to the high webserver
> > load incurred; suPHP may be less problematic, or not.
> 
> It appears, from a quick web search, that FastCGI allows one to give
> each user its own PHP instance.

Yes--wrap fastCGI daemons in suExec.  Each fastcgi process runs
with uid/gid of site owner.

Use dynamic servers and make 'em die out fast.  If a site is
busy, servers will stay resident and site is fast.  Low volume
sites are slow on first hit, as new server needs to spawn.  A
side benefit is that you can specify a different php.ini for each
vhost. 

Fix your umask for FTP server so "other" doesn't have read
permissions for newly uploaded files. Turn search bit off for
"other" users in as many directories in your vhost tree as
possible.

Expect to spend a couple days getting it right.  ;)

m
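
Added example, not part of the original message: a shell audit for the last point above (FTP umask and the search bit for "other"), listing what "other" can still reach in a vhost tree. The function names and the sample tree (sites "alice" and "bob") are constructed for illustration.

```shell
#!/bin/sh
# Added example: report what "other" can reach in a vhost tree.
# Function names and the sample tree are illustrative assumptions.

# Regular files that "other" can read or write.
other_accessible_files() {
    find "$1" -type f \( -perm -0004 -o -perm -0002 \) | sort
}

# Directories that "other" can search (x bit set for "other").
other_searchable_dirs() {
    find "$1" -type d -perm -0001 | sort
}

# One-line summary: "files=N dirs=M".
audit_summary() {
    nfiles=$(other_accessible_files "$1" | wc -l | tr -d ' ')
    ndirs=$(other_searchable_dirs "$1" | wc -l | tr -d ' ')
    echo "files=$nfiles dirs=$ndirs"
}

# Constructed sample: "alice" uploaded under umask 022, "bob" under 027.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    ( umask 022; mkdir -p "$root/alice/htdocs"
      echo 'db password' > "$root/alice/htdocs/config.php" )
    ( umask 027; mkdir -p "$root/bob/htdocs"
      echo 'db password' > "$root/bob/htdocs/config.php" )
    echo "$root"
}

# Audit the tree given as $1, or the constructed sample when none is given.
if [ $# -gt 0 ]; then
    audit_summary "$1"
    other_accessible_files "$1"
    other_searchable_dirs "$1"
else
    sample=$(make_sample_tree)
    audit_summary "$sample"    # files=1 dirs=2 (only alice's tree is exposed)
    rm -rf "$sample"
fi
```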
