On Jan 11, 2008 10:57 PM, Jeff Pang <[EMAIL PROTECTED]> wrote: > I met a strange requirement that, given Apache has two virtual hosts, vhA and > vhB, vhA's document root is: /path/a/; vhB's document root is: /path/b/. > > vhA's programs are running under /path/a/cgi-bin, but actually, the programs > of vhA can access vhB's directory (ie,they can open and write some files in > /path/b/). vice versa, the programs of vhB can access vhA's directory.
What are you trying to protect against? Intentional sabotage in programs you're going to execute? That's pretty difficult. If you just want to prevent people who come in on vhA from accessing the files in /path/b, you're already done. Changing the document root is enough. - Perrin
