Those are the only two methods I'm aware of... Zend does offer it's Encoder
Unlimited on a subscription basis though that would allow you to encode all
of your users scripts (they actually list that as problem for which the
encoder is a good solution).
-jm
-----Original Message-----
From: Gustavo Vieira Goncalves Coelho Rios [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 21, 2001 10:55 PM
To: Javier Muniz
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] security
Javier Muniz wrote:
>
> Encode them, or set filesystem permissions in such a way (suggest using
> groups) to allow apache to read files but not other users.
>
> For instance, if your users are all members of the users group, and apache
> runs as nobody, then set your files to be owned by the user with the
nobody
> group (chown user:nobody <file>) then set it to be readable by group, but
> not others (chmod 640 <file>).
>
> -jm
>
> -----Original Message-----
> From: Gustavo Vieira Goncalves Coelho Rios [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 21, 2001 9:15 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] security
>
Thanks, but i am considering such an approach! Isn't there any other way
out?
May i consider using php in a shell server environment a stupid thing to
do ? Since security is very critical in such environments!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
